From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-79538-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 9E4A2139085
	for <garchives@archives.gentoo.org>; Sat,  4 Feb 2017 08:50:51 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 26EABE0C83;
	Sat,  4 Feb 2017 08:50:43 +0000 (UTC)
Received: from lovelace.chead.ca (unknown [IPv6:2002:a2df:e2a8::1])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id D36A3E0C75
	for <gentoo-dev@lists.gentoo.org>; Sat,  4 Feb 2017 08:50:42 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=chead.ca;
	 s=lovelace20151122; h=Content-Type:MIME-Version:References:In-Reply-To:
	Message-ID:Subject:To:From:Date:Sender:Reply-To:Cc:Content-Transfer-Encoding:
	Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
	Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
	List-Subscribe:List-Post:List-Owner:List-Archive;
	bh=5Vui1GG00VgVpKUyzEsbgPZgb2WBf9t9ydNsWEJwlkY=; b=O6B8gg8iZ1kYjf+j019KeEF96W
	yqzekyzhHrqGyH2iu6IHNHtS2+SSpr080yHK1OgEQ8HDBYGX0SIccnJVyF79emjwjPrj1FJONvUFy
	Tko+iCuWirp2hCsYX5zjXteSamAO6tJwETYgpQvXh/9znngn6rt+AwQ6QPGx4T03Y3/8=;
Received: from d75-157-139-36.bchsia.telus.net ([75.157.139.36] helo=amdahl.home.chead.ca)
	by lovelace.chead.ca with esmtpsa (TLSv1.2:AES256-SHA:256)
	(Exim 4.88)
	(envelope-from <chead@chead.ca>)
	id 1cZw3N-0002hX-Ft
	for gentoo-dev@lists.gentoo.org; Sat, 04 Feb 2017 00:50:41 -0800
Date: Sat, 4 Feb 2017 00:50:38 -0800
From: Christopher Head <chead@chead.ca>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Re: Requirements for UID/GID management
Message-ID: <20170204005038.6148d654@amdahl.home.chead.ca>
In-Reply-To: <32310889-a605-f9e8-761d-861890f928d5@gentoo.org>
References: <9558d41c-17c0-4bbd-e2f8-02575c6d0ecd@gentoo.org>
	<ee24eb83-4430-40ff-07d0-577bc188457d@gentoo.org>
	<CAGfcS_=V+xmBU+fFbMQBH39E9-y9CUaZt9Bok80Wg6_jboHcbQ@mail.gmail.com>
	<20170127183752.500f8910@patrickm>
	<CAGfcS_kcXOa+NC5Eh_qGb95uEaaKsarjsK92jOuTpUB=P5sXxg@mail.gmail.com>
	<4a8204d4-929e-6260-957a-dcf8f82f4b24@gentoo.org>
	<c350f01e-0bf8-f7b4-cfa0-ce6a9575e5e2@gmail.com>
	<9bceefb9-f7d2-06a4-2304-d31f627f7656@gentoo.org>
	<3fd11559-004c-11f8-609a-923ebc074539@gmail.com>
	<495556ab-637c-6b21-fac0-52d3bd1e4986@gentoo.org>
	<616a4068-8581-bce6-3359-50b1ff5a817d@gmail.com>
	<8eb6fc27-8504-ad7d-7ad1-7272da662178@gentoo.org>
	<8bfa7182-7a02-7ecb-42d1-37c2d130f586@gmail.com>
	<513d3ceb-9e07-096a-ff5c-2cf8a5c2a6fd@gentoo.org>
	<20170130100557.49b3b77e@patrickm>
	<671d81bc-8432-a903-024f-40e3c19a4f96@gentoo.org>
	<slrno9968g.p7t.martin@lounge.imp.fu-berlin.de>
	<32310889-a605-f9e8-761d-861890f928d5@gentoo.org>
X-Mailer: Claws Mail 3.13.2 (GTK+ 2.24.31; x86_64-pc-linux-gnu)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 boundary="Sig_/mxfx/kwN2D5Q3Rvz2YgVg+1"; protocol="application/pgp-signature"
X-Archives-Salt: 3034585c-85d4-4631-912d-68838f8764fb
X-Archives-Hash: 31577381f8efefa457c44374bd8092cc

--Sig_/mxfx/kwN2D5Q3Rvz2YgVg+1
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Fri, 3 Feb 2017 14:29:04 -0500
Michael Orlitzky <mjo@gentoo.org> wrote:

> > However, it is no rocket science to write a race-free chown command
> > in C: Just open the file and use stat() and fchown() to be sure to
> > change only files from the "correct" user.
> >=20
> > Since this works on the filehandle and not on the filename, I think
> > that there is no possibility for an exploit when this is used in the
> > above find loop. =20
>=20
> Not a bad idea... we chould ship that safe-chown utility, and then
> tell users how to use it to fix their UIDs. The draft that I wrote up
> was for the "fixed UID with random fallback" model, but said utility
> could still be useful for people who want to change their running
> systems to use the same UIDs that would have been chosen by default.

Are you sure that said utility isn=E2=80=99t simply =E2=80=9Cchown --from=
=E2=80=9D?
--=20
Christopher Head

--Sig_/mxfx/kwN2D5Q3Rvz2YgVg+1
Content-Type: application/pgp-signature
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----

iQGcBAEBCAAGBQJYlZXfAAoJEEEvBYLpyLohiekL/0zndI6Zo2QPNuKODxdCSBwC
0vUtlIa2ikPbrDkvup2MxFrhDYJ1txTkjbjI4+OcISSSTiaCyrQ++QYqVh6Z9Fww
fThATCDEtSjhV2nXLJluRd1R2GBKYZX8szStKNn0sjJrahsVB1lW25+UtbtdGZ6B
PD1DHLkT1L+w0x/0iEtDWOc4Ra1uj3ZBVD4+u6ajb1W/WMIN2Y2og530eBdoI1NW
R9X/ZFY9rtsgKGQmRMOqn6+idSoyiY+DK44eI9B6kfTSb1iNj9DtR+QMa/ftP048
/R33nIs9po2TJkmBF0eJsuYgGryFTu1Fdedy0Y7QdUwpSHMZApVByqbp4OKx+jqY
9v2zZsNdpTN05X5n0+yzFXxHhoqqGkMd1Tq5g9md/p3GUYOgzPGO09RRYMkUPvM6
bdbLrjginJJoB5NQagywpeIXXXAVhSiitvQ91j2ow7HPmZ3BoW9AWavLFsAFV8dr
+MqaoTRFZs0m3tz3MyLcrmy1FXdKH+yIwYXDYRlX+Q==
=cJ2y
-----END PGP SIGNATURE-----

--Sig_/mxfx/kwN2D5Q3Rvz2YgVg+1--