Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fs::copy() linux: handle sparse files and set file mode early #58636

Closed
wants to merge 1 commit into from
Closed

fs::copy() linux: handle sparse files and set file mode early #58636

wants to merge 1 commit into from

Conversation

haraldh
Copy link
Contributor

@haraldh haraldh commented Feb 22, 2019

A convenience method like fs::copy() should try to prevent pitfalls a
normal user doesn't think about.

In case of an empty umask, setting the file mode early prevents
temporarily world readable or even writeable files,
because the default mode is 0o666.

In case the target is a named pipe or special device node, setting the
file mode can lead to unwanted side effects, like setting permissons on
/dev/stdout or for root setting permissions on /dev/null.

Not handling sparse files could fill up the users disk very quickly.

Fixes:
#26933
#37885
#58635

@rust-highfive
Copy link
Collaborator

r? @shepmaster

(rust_highfive has picked a reviewer for you, use r? to override)

@rust-highfive rust-highfive added the S-waiting-on-review Status: Awaiting review from the assignee but also interested parties. label Feb 22, 2019
@haraldh haraldh force-pushed the copy_sparse branch 2 times, most recently from d9df8b9 to 58e4ee2 Compare February 22, 2019 10:35
@haraldh haraldh mentioned this pull request Feb 22, 2019
Closed
@haraldh
fs::copy() linux: handle sparse files and set file mode early
81118c3 
A convenience method like fs::copy() should try to prevent pitfalls a
normal user doesn't think about.

In case of an empty umask, setting the file mode early prevents
temporarily world readable or even writeable files,
because the default mode is 0o666.

In case the target is a named pipe or special device node, setting the
file mode can lead to unwanted side effects, like setting permissons on
`/dev/stdout` or for root setting permissions on `/dev/null`.

Not handling sparse files could fill up the users disk very quickly.

Fixes:
rust-lang#26933
rust-lang#37885
rust-lang#58635
@mattico
Copy link
Contributor

mattico commented Feb 26, 2019

Rust doesn't support kernels older than 2.6 (https://forge.rust-lang.org/platform-support.html). I don't object to the check being there but something else is likely to break before anyone gets to this code.

@Centril
Copy link
Contributor

Centril commented Feb 26, 2019

r? @alexcrichton

@alexcrichton
Copy link
Member

Thanks for the PR! We actually had a different request for this as well recently, but I think the verdict is still the same as before. We're not currently in a position to maintain complicated maintenance of file copying to this degree. This sort of algorithm would be perfect for crates.io, however!

Would you be ok to slim down this PR to just the bug fixes aside from the sparse file handling?

@vi
Copy link
Contributor

vi commented Feb 28, 2019
edited
Loading

If handling sparse files is out of scope by design then it should probably be mentioned in std::fs::copy's documentation, maybe with a link to said crate of crates.io.

@haraldh
Copy link
Contributor Author

haraldh commented Feb 28, 2019

Fix for the non-sparse version:
#58803

@gnzlbg
Copy link
Contributor

gnzlbg commented Feb 28, 2019

We're not currently in a position to maintain complicated maintenance of file copying to this degree.

Would it help if this PR would add a test to prevent this from breaking again?

@bors
Copy link
Contributor

bors commented Feb 28, 2019

☔ The latest upstream changes (presumably #58208) made this pull request unmergeable. Please resolve the merge conflicts.

@alexcrichton
Copy link
Member

@vi yes adding documentation to that effect seems reasonable. @gnzlbg afaik nothing broke here, this is new functionality being added. @haraldh thanks for opening a new PR! Should this one be closed in that case?

@haraldh
Copy link
Contributor Author

haraldh commented Mar 1, 2019

@alexcrichton yeah, close this, if sparse files won't be handled.

@alexcrichton
Copy link
Member

Ok!

@haraldh haraldh mentioned this pull request May 19, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@alexcrichton alexcrichton

Labels
S-waiting-on-review Status: Awaiting review from the assignee but also interested parties.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@haraldh @rust-highfive @mattico @Centril @alexcrichton @vi @gnzlbg @bors @shepmaster