rebase db perms seem too restrictive

Mon Nov 17 09:26:00 GMT 2014

On Nov 17 14:14, Shaddy Baddah wrote:
> Hi,
>> I expect that there wasn't any explicit reasoning behind this, but
> rebase creates a db with permissions that are too restrictive. To me
> anyway, as I cannot see any danger in the db being readable by all.
>> This snippet describes it:
>> <snip>
> $ whoami
> sbaddah
> $ od -c /etc/rebase.db.x86_64
> od: /etc/rebase.db.x86_64: Permission denied
> $ ls -l /etc/rebase.db.x86_64
> -rw-rw---- 1 portapps None 86020 Nov 11 15:34 /etc/rebase.db.x86_64
> </snip>
>> I've attached an untested patch that would allow at least world readable
> perms. It would be appreciated if it was applied :-)
>> -- 
> Regards,
> Shaddy

> diff --git a/rebase.c b/rebase.c
> index 9504a48..a078e1d 100644
> --- a/rebase.c
> +++ b/rebase.c
> @@ -288,7 +288,7 @@ mkstemp (char *name)
> {
> return _open (mktemp (name),
> O_RDWR | O_BINARY | O_CREAT | O_EXCL | O_TRUNC | _O_SHORT_LIVED,
> - _S_IREAD|_S_IWRITE);
> + _S_IREAD|_S_IWRITE|S_IRGRP|S_IROTH);
> }
> #endif

That won't work. Check the surroundng #ifdef's. The mkstemp
replacement function is only called when building rebase for Mingw. If
it's called on Cygwin, it uses Cygwin's implementation of mkstemp,
which follows the (security) lead of other POSIX systems and creates
the files with 0600 permissions. After the file got written, the
permissions are changed, see lines 358ff.
Corinna
-- 
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20141117/09a5961e/attachment.sig>