[PATCH] D96308: [llvm-objcopy] Avoid rename if input filename = output filename
Fangrui Song via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Thu Feb 11 16:34:21 PST 2021
MaskRay abandoned this revision.
MaskRay added a comment.
In D96308#2552376 <https://reviews.llvm.org/D96308#2552376>, @jcai19 wrote:
> Thanks for this patch. You mentioned the following issue in one of your comments on https://reviews.llvm.org/D93881. IIUC, this patch seems to not have taken care of this issue.
>
> < I have mentioned that the GNU objcopy/strip smart_rename still has vulnerability and the owner preservation does not work for non-root (CAP_CHOWN) users.
>
> < chmod o+wx .
> < sudo chown mail a.o
> < sudo -u bin strip a.o # owner becomes bin. llvm-strip has the same behavior.
I think my description is correct. The GNU strip chown behavior is entirely about `sudo strip a` / `sudo strip a -o a`, but not `sudo strip a -o b` or `sudo strip a -o ./a`.
What this patch does is very similar to (expected) GNU binutils 2.37 behavior, not the existing binutils behavior.
I'll abandon this patch because the more I think about it, the more I value atomic operation.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D96308/new/
https://reviews.llvm.org/D96308
More information about the llvm-commits
mailing list