Lasse Collin <[EMAIL PROTECTED]> writes: > Now the users in the "restrict" group will have access to foo.gz > although they didn't have access to the original foo file.
First, the same problem applies to user permissions too, no? For example, if the original file is mode 066, the compressed copy will be writeable to the original user even though the original user doesn't own the copy and couldn't write the original file. Second, we don't need weird permissions to illustrate the problem of "unexpected" permissions-granting. We can just have a file that's mode 660. The copy will be in a different group, so users in that group will be able to access the file even though they couldn't access it before. > - fchown (ofd, ifstat->st_uid, ifstat->st_gid); /* Copy ownership */ > + (void) fchown (ofd, ifstat->st_uid, -1); > + r = fchown (ofd, -1, ifstat->st_gid); I dunno, this sort of change gives me the willies, and the rest of the code that's added to work around the glitches doesn't dispell the willies. This same problem must afflict almost every program that invokes chown() or fchown(). It's not reasonable to make this change to all applications. What we can do is tell users "don't use weird permissions like that, unless you really know what you're doing, and you probably don't".
