From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS3215 2.6.0.0/16 X-Spam-Status: No, score=-3.9 required=3.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,URIBL_CSS,URIBL_CSS_A shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by dcvr.yhbt.net (Postfix) with ESMTP id EC2901F4D7 for ; Thu, 12 May 2022 18:15:43 +0000 (UTC) Authentication-Results: dcvr.yhbt.net; dkim=pass (1024-bit key; unprotected) header.d=pobox.com header.i=@pobox.com header.b="WgK7S3lA"; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1357516AbiELSPQ (ORCPT ); Thu, 12 May 2022 14:15:16 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59438 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1357502AbiELSPO (ORCPT ); Thu, 12 May 2022 14:15:14 -0400 Received: from pb-smtp20.pobox.com (pb-smtp20.pobox.com [173.228.157.52]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ED8D226FA64 for ; Thu, 12 May 2022 11:15:11 -0700 (PDT) Received: from pb-smtp20.pobox.com (unknown [127.0.0.1]) by pb-smtp20.pobox.com (Postfix) with ESMTP id 714F919A63F; Thu, 12 May 2022 14:15:10 -0400 (EDT) (envelope-from junio@pobox.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=pobox.com; h=from:to:cc :subject:references:date:in-reply-to:message-id:mime-version :content-type:content-transfer-encoding; s=sasl; bh=wy2oSqza6u19 1gWjM+0oPFG5TqCXkLuQTZlHJBjNqY4=; b=WgK7S3lAX+YMe+SbADTLpdmDKU0r qScq2dp0ffp3eMPrVM9UNHiHfAr2196bWfOfcUjUWfRBFi2C41I+Ct5Fat6INlV8 G6lqQPEBkJKP+N36EmeQMF9q/MnupiO2Rc6uYbyftFtivvTHWm2zt8pNFvFx8v/Q ENpFvZuhQDLJ3qU= Received: from pb-smtp20.sea.icgroup.com (unknown [127.0.0.1]) by pb-smtp20.pobox.com (Postfix) with ESMTP id 6A1D019A63E; Thu, 12 May 2022 14:15:10 -0400 (EDT) (envelope-from junio@pobox.com) Received: from pobox.com (unknown [34.83.65.128]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pb-smtp20.pobox.com (Postfix) with ESMTPSA id 1221219A63A; Thu, 12 May 2022 14:15:07 -0400 (EDT) (envelope-from junio@pobox.com) From: Junio C Hamano To: =?utf-8?Q?Ren=C3=A9?= Scharfe Cc: rsbecker@nexbridge.com, 'Johannes Schindelin via GitGitGadget' , git@vger.kernel.org, 'Taylor Blau' , 'Derrick Stolee' , 'Elijah Newren' , 'Johannes Schindelin' Subject: Re: [PATCH v4 1/7] archive: optionally add "virtual" files References: <45662cf582ab7c8b1c32f55c9a34f4d73a28b71d.1652210824.git.gitgitgadget@gmail.com> <03d701d864ba$46d15c10$d4741430$@nexbridge.com> <3cf6e4f8-9151-6d68-21ca-b94d6a7557e6@web.de> <47ed5a2f-f4aa-1ec1-27c9-9b0b70eb8bca@web.de> Date: Thu, 12 May 2022 11:15:05 -0700 In-Reply-To: <47ed5a2f-f4aa-1ec1-27c9-9b0b70eb8bca@web.de> (=?utf-8?Q?=22R?= =?utf-8?Q?en=C3=A9?= Scharfe"'s message of "Thu, 12 May 2022 18:16:50 +0200") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 X-Pobox-Relay-ID: 73D6DDFC-D21F-11EC-88A6-C85A9F429DF0-77302942!pb-smtp20.pobox.com Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org Ren=C3=A9 Scharfe writes: > Good point. write_tar_entry() actually normalizes the permission bits > and applies tar.umask (0002 by default): > > if (S_ISDIR(mode) || S_ISGITLINK(mode)) { > *header.typeflag =3D TYPEFLAG_DIR; > mode =3D (mode | 0777) & ~tar_umask; > } else if (S_ISLNK(mode)) { > *header.typeflag =3D TYPEFLAG_LNK; > mode |=3D 0777; > } else if (S_ISREG(mode)) { > *header.typeflag =3D TYPEFLAG_REG; > mode =3D (mode | ((mode & 0100) ? 0777 : 0666)) & ~tar_umask; Yeah, this side seems to care only about u+x bit, so "add-executable" as a separate option would fly we.. > But write_zip_entry() only normalizes (drops) the permission bits of > non-executable files: > > attr2 =3D S_ISLNK(mode) ? ((mode | 0777) << 16) : > (mode & 0111) ? ((mode) << 16) : 0; > if (S_ISLNK(mode) || (mode & 0111)) > creator_version =3D 0x0317; > > attr2 corresponds to the field "external file attributes" mentioned in > the ZIP format specification, APPNOTE.TXT. It's interpreted based on > the "version made by" (creator_version here); that 0x03 part above > means "UNIX". The default is MS-DOS (FAT filesystem), with effectivly > no support for file permissions. > > So we currently leak permission bits of executable files into ZIP > archives, but not tar files. :-| Normalizing those to 0755 would be > more consistent. Yup. >> For tracked paths, we probably are normalizing the blobs >> between 0644 and 0755 way before the values are passed as "mode" >> parameter to the write_entry() functions, but for these extra files, >> there is no such massaging. > > Right, mode values from read_tree() pass through canon_mode(), so only > untracked files (those appended with --add-file) are affected by the > leakage mentioned above. Thanks for sanity-checking.