Bruno Haible wrote:
Paolo Bonzini wrote:
"sed -i" bothers. ... hard links ... the choice to break them or keep them must be done uniformly on all platforms

This choice has already been made public in sed's documentation:

Yes, the reference to keeping/breaking hard links was about when I added sed -i, not about a recent decision.

it must recreate the file (*) and then copy it to the old file name. In doing so it must copy the security context just like it copies UIDs, GIDs, modes and ACLs.

So this means:

  1) The existing module 'copy-file' (used e.g. by gettext when creating
     backup files) should be updated to copy also the selinux context of
     the file. Anyone knows how to do that?

http://git.savannah.gnu.org/gitweb/?p=sed.git;a=commitdiff;h=fa01dd7 should teach you, it's easier than I expected.

  2) We should also have a module that creates a new, empty file with the
     security context (uid, gid, mode, ACL and selinux context) of a given
     file.

I don't think so, because most of the time you want restrictive permissions until the file is complete. So we could instead have a module that takes a file descriptor and copies all the attributes of a given file (or descriptor) to it.

http://git.savannah.gnu.org/gitweb/?p=sed.git;a=commitdiff;h=5156c1 did this change for sed, I'm pretty sure you want it in copy-file too. I cannot describe a case in which it constitutes a security problem, but I'm pretty sure one could be constructed.

Paolo
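
The approach discussed in this thread (keep the new file private until it is complete, then copy the original's attributes onto the open descriptor and rename) can be sketched as follows. This is an added example, not code from sed or gnulib: `copy_attrs_fd` and `replace_file` are hypothetical names, ACL copying is left out, and the SELinux context is copied through the Linux `security.selinux` extended attribute rather than through libselinux.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/xattr.h>
#include <unistd.h>

/* Copy owner, SELinux label and mode of src_fd onto dst_fd; 0 on success. */
static int copy_attrs_fd(int src_fd, int dst_fd)
{
    struct stat st;
    char ctx[256];
    ssize_t n;
    if (fstat(src_fd, &st) != 0)
        return -1;
    /* Owner first: chown can clear setuid/setgid bits, so the mode goes last.
       EPERM is tolerated here (assumption) so unprivileged callers still work. */
    if (fchown(dst_fd, st.st_uid, st.st_gid) != 0 && errno != EPERM)
        return -1;
    /* Label copy is best effort: skipped when absent, unsupported or denied. */
    n = fgetxattr(src_fd, "security.selinux", ctx, sizeof ctx);
    if (n > 0 && fsetxattr(dst_fd, "security.selinux", ctx, (size_t)n, 0) != 0
        && errno != ENOTSUP && errno != EPERM && errno != EACCES)
        return -1;
    return fchmod(dst_fd, st.st_mode & 07777);
}

/* Hypothetical helper: replace path with data via a private temp file. */
static int replace_file(const char *path, const char *data)
{
    char tmp[4096];
    size_t len = strlen(data);
    int src, dst, ok;
    if (snprintf(tmp, sizeof tmp, "%s.XXXXXX", path) >= (int)sizeof tmp)
        return -1;
    if ((dst = mkstemp(tmp)) < 0)            /* created with mode 0600 */
        return -1;
    src = open(path, O_RDONLY);
    ok = src >= 0 && write(dst, data, len) == (ssize_t)len
         && copy_attrs_fd(src, dst) == 0 && fsync(dst) == 0;
    if (src >= 0) close(src);
    ok = close(dst) == 0 && ok;
    if (!ok || rename(tmp, path) != 0) {     /* rename breaks hard links */
        unlink(tmp);
        return -1;
    }
    return 0;
}
```

Attributes are applied only after the content has been written, so the temporary file is never readable under the original's (possibly wider) mode while it is still incomplete.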

