Merge pull request #830 from aschnell/master

- relax access to info.xml files
openSUSE · Aug 10, 2023 · 6ff34d5 · 6ff34d5
2 parents f6acf91 + 58dca8e
commit 6ff34d5
Show file tree

Hide file tree

Showing 5 changed files with 49 additions and 4 deletions.
diff --git a/client/mksubvolume.cc b/client/mksubvolume.cc
@@ -20,7 +20,7 @@
  */
 
 
-#include <string.h>
+#include <cstring>
 #include <unistd.h>
 #include <sys/types.h>
 #include <sys/stat.h>

diff --git a/doc/permissions.txt b/doc/permissions.txt
@@ -0,0 +1,34 @@
+
+Distinguish to modi operandi:
+
+With DBus:
+
+- Access to snapshot metadata (info.xml) and filelist is takes care of
+  by snapperd.
+
+Without DBus:
+
+- In general only works when snapper is run by root.
+
+
+File and directory permissions:
+
+The .snapshots directory must be readable by those allowed to work
+with the snapper config. This is required even though the DBus
+interface is used since some operations (e.g. diff and undochange) are
+always done by snapper (not snapperd).
+
+snapper creates .snapshots with access only allowed for root.
+
+snapper can setup ACLs for access for .snapshots.
+
+
+Giving users access to work with a snapper config may allow them to
+see directory and file content in areas they would otherwise not be
+allowed to see.
+
+
+info.xml may be readable by all. Only writeable by root.
+
+filelists may be readable by all. Only writeable by root.
+
diff --git a/package/snapper.changes b/package/snapper.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Thu Aug 10 09:20:42 CEST 2023 - [email protected]
+
+- relax access to info.xml files (gh#openSUSE/snapper#279)
+
 -------------------------------------------------------------------
 Fri Jul 14 14:05:56 CEST 2023 - [email protected]
 

diff --git a/snapper/FileUtils.cc b/snapper/FileUtils.cc
@@ -405,23 +405,27 @@ namespace snapper
 	static const char letters[] = "abcdefghijklmnopqrstuvwxyz" "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
 	    "0123456789";
 
+	const size_t num_letters = strlen(letters);
+
 	static uint64_t value;
 
 	struct timeval tv;
 	gettimeofday(&tv, NULL);
 	value += ((uint64_t) tv.tv_usec << 16) ^ tv.tv_sec;
 
-	unsigned int attempts = 62 * 62 * 62;
+	unsigned int attempts = num_letters * num_letters * num_letters;
 
 	string::size_type length = name.size();
 
+	assert(length >= 6);
+
 	for (unsigned int count = 0; count < attempts; value += 7777, ++count)
 	{
 	    uint64_t v = value;
 	    for (string::size_type i = length - 6; i < length; ++i)
 	    {
-		name[i] = letters[v % 62];
-		v /= 62;
+		name[i] = letters[v % num_letters];
+		v /= num_letters;
 	    }
 
 	    int fd = open(name, O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC, S_IRUSR | S_IWUSR);

diff --git a/snapper/Snapshot.cc b/snapper/Snapshot.cc
@@ -556,6 +556,8 @@ namespace snapper
 	    SN_THROW(IOErrorException(sformat("SDir::mktemp failed, errno:%d (%s)", errno,
 					      stringerror(errno).c_str())));
 
+	fchmod(fd, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+
 	try
 	{
 	    xml.save(fd);