From 487bb0e9012c91f66ca5652c06e729f51faef585 Mon Sep 17 00:00:00 2001 From: Arvin Schnell Date: Thu, 10 Aug 2023 09:23:17 +0200 Subject: [PATCH 1/2] - relax access to info.xml files --- doc/permissions.txt | 34 ++++++++++++++++++++++++++++++++++ package/snapper.changes | 5 +++++ snapper/Snapshot.cc | 2 ++ 3 files changed, 41 insertions(+) create mode 100644 doc/permissions.txt diff --git a/doc/permissions.txt b/doc/permissions.txt new file mode 100644 index 00000000..431659ad --- /dev/null +++ b/doc/permissions.txt @@ -0,0 +1,34 @@ + +Distinguish to modi operandi: + +With DBus: + +- Access to snapshot metadata (info.xml) and filelist is takes care of + by snapperd. + +Without DBus: + +- In general only works when snapper is run by root. + + +File and directory permissions: + +The .snapshots directory must be readable by those allowed to work +with the snapper config. This is required even though the DBus +interface is used since some operations (e.g. diff and undochange) are +always done by snapper (not snapperd). + +snapper creates .snapshots with access only allowed for root. + +snapper can setup ACLs for access for .snapshots. + + +Giving users access to work with a snapper config may allow them to +see directory and file content in areas they would otherwise not be +allowed to see. + + +info.xml may be readable by all. Only writeable by root. + +filelists may be readable by all. Only writeable by root. + diff --git a/package/snapper.changes b/package/snapper.changes index 0b1c6e84..efa81bf8 100644 --- a/package/snapper.changes +++ b/package/snapper.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Aug 10 09:20:42 CEST 2023 - aschnell@suse.com + +- relax access to info.xml files (gh#openSUSE/snapper#279) + ------------------------------------------------------------------- Fri Jul 14 14:05:56 CEST 2023 - aschnell@suse.com diff --git a/snapper/Snapshot.cc b/snapper/Snapshot.cc index d408e1f3..ec2be924 100644 --- a/snapper/Snapshot.cc +++ b/snapper/Snapshot.cc @@ -556,6 +556,8 @@ namespace snapper SN_THROW(IOErrorException(sformat("SDir::mktemp failed, errno:%d (%s)", errno, stringerror(errno).c_str()))); + fchmod(fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); + try { xml.save(fd); From 58dca8ef5989ce711e11a8ae9f4bfc98b221cf87 Mon Sep 17 00:00:00 2001 From: Arvin Schnell Date: Thu, 10 Aug 2023 09:34:05 +0200 Subject: [PATCH 2/2] - coding style --- client/mksubvolume.cc | 2 +- snapper/FileUtils.cc | 10 +++++++--- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/client/mksubvolume.cc b/client/mksubvolume.cc index 792ee751..36e29572 100644 --- a/client/mksubvolume.cc +++ b/client/mksubvolume.cc @@ -20,7 +20,7 @@ */ -#include +#include #include #include #include diff --git a/snapper/FileUtils.cc b/snapper/FileUtils.cc index 9da572f3..aa6bc165 100644 --- a/snapper/FileUtils.cc +++ b/snapper/FileUtils.cc @@ -405,23 +405,27 @@ namespace snapper static const char letters[] = "abcdefghijklmnopqrstuvwxyz" "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "0123456789"; + const size_t num_letters = strlen(letters); + static uint64_t value; struct timeval tv; gettimeofday(&tv, NULL); value += ((uint64_t) tv.tv_usec << 16) ^ tv.tv_sec; - unsigned int attempts = 62 * 62 * 62; + unsigned int attempts = num_letters * num_letters * num_letters; string::size_type length = name.size(); + assert(length >= 6); + for (unsigned int count = 0; count < attempts; value += 7777, ++count) { uint64_t v = value; for (string::size_type i = length - 6; i < length; ++i) { - name[i] = letters[v % 62]; - v /= 62; + name[i] = letters[v % num_letters]; + v /= num_letters; } int fd = open(name, O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC, S_IRUSR | S_IWUSR);