Do not restore setuid/setgid unless root or owner of file

author: Lars Wirzenius <liw@liw.fi> 2012-11-24 20:35:59 +0000
committer: Lars Wirzenius <liw@liw.fi> 2012-11-24 20:35:59 +0000
commit: d7df89b2ecb5066eb2149bc76fc70c6f7f3214a5 (patch)
tree: 812cab9ce7344e2b4818f1fd5efbe68f3c65ce96
parent: b3f4eea63f1b45f290df64ff01438fab7fe4e597 (diff)
download: obnam-d7df89b2ecb5066eb2149bc76fc70c6f7f3214a5.tar.gz
2 files changed, 8 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 81380596..507ba8d6 100644
--- a/NEWS
+++ b/NEWS
@@ -18,6 +18,8 @@ Version X.Y, released UNRELEASED
 * Manual page now covers the diff subcommand. Patch by Peter Valdemar Mørch.
 * Speed optimisation patch for backing up files in inode numbering order,
   from Christophe Vu-Brugier.
+* A setuid or setgid bit is now not restored if Obnam is not used by root
+  or the same user as the owner of the restored file.
 
 Bug fixes:
 
diff --git a/obnamlib/metadata.py b/obnamlib/metadata.py
index 2c6bb1fe..baa5e29f 100644
--- a/obnamlib/metadata.py
+++ b/obnamlib/metadata.py
@@ -240,7 +240,12 @@ def set_metadata(fs, filename, metadata, getuid=None):
     if stat.S_ISLNK(metadata.st_mode):
         fs.symlink(metadata.target, filename)
     else:
-        fs.chmod(filename, metadata.st_mode)
+        # If we are not the owner, and not root, do not restore setuid/setgid.
+        mode = metadata.st_mode
+        if getuid() not in (0, metadata.st_uid):
+            mode = mode & (~stat.S_ISUID)
+            mode = mode & (~stat.S_ISGID)
+        fs.chmod(filename, mode)
 
     if metadata.xattr: # pragma: no cover
         set_xattrs_from_blob(fs, filename, metadata.xattr)
author	Lars Wirzenius <liw@liw.fi>	2012-11-24 20:35:59 +0000
committer	Lars Wirzenius <liw@liw.fi>	2012-11-24 20:35:59 +0000
commit	d7df89b2ecb5066eb2149bc76fc70c6f7f3214a5 (patch)
tree	812cab9ce7344e2b4818f1fd5efbe68f3c65ce96
parent	b3f4eea63f1b45f290df64ff01438fab7fe4e597 (diff)
download	obnam-d7df89b2ecb5066eb2149bc76fc70c6f7f3214a5.tar.gz