From a9ecd0fa8141e7614ca35d5a4d2fe5c96b1a7890 Mon Sep 17 00:00:00 2001 From: Peter Gervai Date: Thu, 22 Aug 2024 14:29:57 +0200 Subject: [PATCH 1/3] Expand std::os::unix::fs::chown() doc with a warning Include warning about losing setuid/gid when chowning, per POSIX. --- library/std/src/os/unix/fs.rs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/library/std/src/os/unix/fs.rs b/library/std/src/os/unix/fs.rs index caf6980afd91b..f063fa06cc959 100644 --- a/library/std/src/os/unix/fs.rs +++ b/library/std/src/os/unix/fs.rs @@ -985,6 +985,10 @@ impl DirBuilderExt for fs::DirBuilder { /// Changing the owner typically requires privileges, such as root or a specific capability. /// Changing the group typically requires either being the owner and a member of the group, or /// having privileges. +/// +/// Be aware that changing owner clears the `suid` and `sgid` permission bits in most cases +/// according to POSIX, usually even if the user is root. The sgid is not cleared when +/// the file is non-group-executable. /// /// If called on a symbolic link, this will change the owner and group of the link target. To /// change the owner and group of the link itself, see [`lchown`]. From 3408dc1eb5f8d744b4d7d5a4392ae6456f036ad9 Mon Sep 17 00:00:00 2001 From: Peter Gervai Date: Thu, 22 Aug 2024 18:38:27 +0200 Subject: [PATCH 2/3] Update chown help with a link and adding cap warning Linked to chown(2) manpage on the web which expands on chown call behaviour. --- library/std/src/os/unix/fs.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/library/std/src/os/unix/fs.rs b/library/std/src/os/unix/fs.rs index f063fa06cc959..92613d9b004ce 100644 --- a/library/std/src/os/unix/fs.rs +++ b/library/std/src/os/unix/fs.rs @@ -988,7 +988,8 @@ impl DirBuilderExt for fs::DirBuilder { /// /// Be aware that changing owner clears the `suid` and `sgid` permission bits in most cases /// according to POSIX, usually even if the user is root. The sgid is not cleared when -/// the file is non-group-executable. +/// the file is non-group-executable. See: +/// This call may also clear file capabilities, if there was any. /// /// If called on a symbolic link, this will change the owner and group of the link target. To /// change the owner and group of the link itself, see [`lchown`]. From 451c8cdb06b5d4033fe245ce19fdd9bfabd13f1f Mon Sep 17 00:00:00 2001 From: Peter Gervai Date: Thu, 14 Nov 2024 22:01:13 +0100 Subject: [PATCH 3/3] Remove one stray space. --- library/std/src/os/unix/fs.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/std/src/os/unix/fs.rs b/library/std/src/os/unix/fs.rs index 92613d9b004ce..7c2c3f33d80b7 100644 --- a/library/std/src/os/unix/fs.rs +++ b/library/std/src/os/unix/fs.rs @@ -985,7 +985,7 @@ impl DirBuilderExt for fs::DirBuilder { /// Changing the owner typically requires privileges, such as root or a specific capability. /// Changing the group typically requires either being the owner and a member of the group, or /// having privileges. -/// +/// /// Be aware that changing owner clears the `suid` and `sgid` permission bits in most cases /// according to POSIX, usually even if the user is root. The sgid is not cleared when /// the file is non-group-executable. See: