Dear developers,
I discovered that directories created by scp when recursive
copying into a sgid directory do not inherit the sgid bit. I believe
this is a bug. A patch to fix this is attached.
Regards,
Petr Skovron
-------------- next part --------------
--- scp.c.orig 2005-10-11 16:50:17.000000000 +0200
+++ scp.c 2005-10-11 16:57:25.000000000 +0200
@@ -876,8 +876,12 @@
run_err("%s: set times: %s",
vect[0], strerror(errno));
}
- if (mod_flag)
+ if (mod_flag) {
+ if (stat(vect[0], &stb)==0)
+ mode= (mode & S_IRWXU) |
+ (stb.st_mode & ~S_IRWXU);
(void) chmod(vect[0], mode);
+ }
if (vect[0])
xfree(vect[0]);
continue;
On Tue, Oct 11, 2005 at 05:20:03PM +0200, Petr Skovron wrote:> > I discovered that directories created by scp when recursive > copying into a sgid directory do not inherit the sgid bit. I believe > this is a bug. A patch to fix this is attached.Does rcp do so? -- albert chin (china at thewrittenword.com)
On Thu, Oct 13, 2005 at 06:08:40PM -0500, Albert Chin wrote:> On Tue, Oct 11, 2005 at 05:20:03PM +0200, Petr Skovron wrote: > > > > I discovered that directories created by scp when recursive > > copying into a sgid directory do not inherit the sgid bit. I believe > > this is a bug. A patch to fix this is attached. > > Does rcp do so?The version /* $OpenBSD: rcp.c,v 1.41 2005/03/31 18:39:21 deraadt Exp $ */ seems to behave the same, with the respective code around lines 677 (mkdir) and 689 (chmod).> albert chin (china at thewrittenword.com)Petr Sk
Petr Skovron wrote:> Albert Chin wrote: > > Petr Skovron wrote: > > > I discovered that directories created by scp when recursive > > > copying into a sgid directory do not inherit the sgid bit. I believe > > > this is a bug. A patch to fix this is attached. > > > > Does rcp do so? > > The version > /* $OpenBSD: rcp.c,v 1.41 2005/03/31 18:39:21 deraadt Exp $ */ > seems to behave the same, with the respective code around lines 677 > (mkdir) and 689 (chmod).Because rcp was developed on BSD a better question seems to me to be what is the overall behavior of using rcp on BSD systems? AFAIK directories always behave as if the sgid bit is set there. (The behavior originated there and sgid simulates it on SysV systems.) Therefore no special handling is needed to get the overall behavior on BSD systems. Bob
Petr Skovron wrote:> Dear developers,I am not an ssh developer but your issue interested me.> I discovered that directories created by scp when recursive > copying into a sgid directory do not inherit the sgid bit. I believe > this is a bug. A patch to fix this is attached.I was not able to recreate your issue on my GNU/Linux system. Therefore I don't think I understand it fully. Could you create a small test case that illustrates the problem? I tried the following. mkdir foodir bardir chgrp staff foodir chmod g+ws foodir touch bardir/bar scp -r bardir foodir/ ls -ld foodir foodir/bardir foodir/bardir/bar drwxrwsr-x 3 bob staff 72 2005-10-16 14:07 foodir drwxr-sr-x 2 bob staff 72 2005-10-16 14:07 foodir/bardir -rw-r--r-- 1 bob staff 0 2005-10-16 14:07 foodir/bardir/bar On my system the sgid bit was inherited as I expected. Are you using the 'scp -p' option? If so then the -p will explicitly set the permissions of the newly created files to the mode in the source. This will override the sgid directory behavior as expected. Bob
> I was not able to recreate your issue on my GNU/Linux system. > Therefore I don't think I understand it fully. Could you create a > small test case that illustrates the problem? I tried the following. > > mkdir foodir bardir > chgrp staff foodir > chmod g+ws foodir > touch bardir/bar > scp -r bardir foodir/When scp copies a local file to local, ordinary cp is invoked (as scp -v should show), see scp.c line +-462.> ls -ld foodir foodir/bardir foodir/bardir/bar > drwxrwsr-x 3 bob staff 72 2005-10-16 14:07 foodir > drwxr-sr-x 2 bob staff 72 2005-10-16 14:07 foodir/bardir > -rw-r--r-- 1 bob staff 0 2005-10-16 14:07 foodir/bardir/bar > > On my system the sgid bit was inherited as I expected.To recreate the relevant behaviour, use scp -r localhost:bardir foodir or scp -r bardir localhost:foodir (my system is linux debian 3.1 with kernel 2.4.30). When replying, please send me a Cc:, as I am not a member of the list. Thanks.> BobPetr