apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From William A Rowe Jr <wr...@rowe-clan.net>
Subject Re: apr_file_copy with APR_FILE_SOURCE_PERMS not copying permissions if destination already exists
Date Thu, 30 Mar 2017 19:44:40 GMT
On Thu, Mar 30, 2017 at 11:30 AM, Nick Kew <niq@apache.org> wrote:
> On Thu, 2017-03-30 at 09:59 -0500, William A Rowe Jr wrote:
>
>> > Is this the expected behaviour? should documentation warn that if the
>> > destination already exists, then permissions will not be copied even with
>> > that flag?
>>
>> Since we make no statement either way I wouldn't call this 'expected'.
>>
>> The linux behavior of cp -p differs from the APR 1.5.x and earlier behavior.
>
> Is Linux in any sense definitive?  Is there any standard
> with unix roots (or even from the Windows world)?
> Does the flag mirror anything from stdio & friends ?

There is no alternate implementation, the same file/unix/copy.c
source is used on all architectures.

Looking at a Win32 API for accomplishing the same, there are no
flags to surpress copying the permissions/security attributes, these
are always duplicated
https://msdn.microsoft.com/en-us/library/windows/desktop/aa363852%28v=vs.85%29.aspx
The CopyFile2 API is slightly richer (prepare for headspin);
COPY_FILE_REQUEST_SECURITY_PRIVILEGES
The copy is attempted, specifying ACCESS_SYSTEM_SECURITY for the
source file and ACCESS_SYSTEM_SECURITY | WRITE_DAC | WRITE_OWNER for
the destination file. If these requests are denied the access request
will be reduced to the highest privilege level for which access is
granted. For more information see SACL Access Right. This can be used
to allow theCopyFile2ProgressRoutine callback to perform operations
requiring higher privileges, such as copying the security attributes
for the file.

So in short, I don't think there is a good analog in the Win32 API,
and I'm not aware a posix file copy facility. There are convoluted
ioctl approaches, but nothing for general consumption, e.g.
http://lists.gnu.org/archive/html/coreutils/2011-08/msg00006.html

We should at least note that right now, permissions are only copied
or assigned if the file is absent when apr_file_copy() is invoked.

Mime
View raw message