Project

General

Profile

Bug #13612

The file from Rudder server technique may change permission of the destination parent directory instead of the file

Added by Benoît PECCATTE over 1 year ago. Updated about 2 months ago.

Status:
Pending release
Priority:
N/A
Category:
Techniques
Target version:
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
User visibility:
Getting started - demo | first install | level 1 Techniques
Effort required:
Very Small
Priority:
0

Description

When the source is a file and the destination is a directory, the source is not copied and the destination permission are modified.

We should change this behaviour.


Subtasks

ncf - Bug #16176: rudder_copy_from should check for file typeReleasedBenoît PECCATTEActions

Related issues

Related to ncf - Bug #16267: Copying a file to a directory using the "file_from_shared_folder" method results in a success report even if nothing is doneReleasedActions

Associated revisions

Revision 86f5113d (diff)
Added by Félix DALLIDET 3 months ago

Fixes #13612: The file from Rudder server technique may change permission of the destination parent directory instead of the file

History

#1

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 4.3.5 to 4.3.6
#2

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 4.3.6 to 4.3.7
#3

Updated by François ARMAND about 1 year ago

  • Severity set to Critical - prevents main use of Rudder | no workaround | data loss | security
  • User visibility set to Getting started - demo | first install | level 1 Techniques
  • Effort required set to Very Small
  • Priority changed from 0 to 122

This is a security issue, because you can mess up file permission with that.
The "very small" is to at least find a way to prevent that behavior.

#4

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 4.3.7 to 4.3.8
  • Priority changed from 122 to 0
#5

Updated by Vincent MEMBRÉ about 1 year ago

  • Target version changed from 4.3.8 to 4.3.9
#6

Updated by Alexis MOUSSET about 1 year ago

  • Target version changed from 4.3.9 to 4.3.10
#7

Updated by François ARMAND 11 months ago

  • Target version changed from 4.3.10 to 4.3.11
#8

Updated by Vincent MEMBRÉ 10 months ago

  • Target version changed from 4.3.11 to 4.3.12
#9

Updated by Vincent MEMBRÉ 9 months ago

  • Target version changed from 4.3.12 to 4.3.13
#10

Updated by Vincent MEMBRÉ 8 months ago

  • Target version changed from 4.3.13 to 4.3.14
#11

Updated by Vincent MEMBRÉ 7 months ago

  • Target version changed from 4.3.14 to 587
#12

Updated by Vincent MEMBRÉ 7 months ago

  • Target version changed from 587 to 4.3.14
#13

Updated by Alexis MOUSSET 7 months ago

  • Target version changed from 4.3.14 to 5.0.13
#14

Updated by Vincent MEMBRÉ 5 months ago

  • Target version changed from 5.0.13 to 5.0.14
#15

Updated by Vincent MEMBRÉ 4 months ago

  • Target version changed from 5.0.14 to 5.0.15
#16

Updated by Félix DALLIDET 3 months ago

  • Status changed from New to In progress
  • Assignee set to Félix DALLIDET
#17

Updated by Félix DALLIDET 3 months ago

cfengine offers the "check_type" option on its copy_from bundle to fail if we are dealing with unmatching file type (link/dir/file).
Enforcing it, should solve the problem.

#18

Updated by Félix DALLIDET 3 months ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Félix DALLIDET to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/1557
#19

Updated by Félix DALLIDET 3 months ago

  • Status changed from Pending technical review to Pending release
#24

Updated by Félix DALLIDET 2 months ago

  • Related to Bug #16267: Copying a file to a directory using the "file_from_shared_folder" method results in a success report even if nothing is done added
#27

Updated by Vincent MEMBRÉ about 2 months ago

This bug has been fixed in Rudder 5.0.15 which was released today.

Also available in: Atom PDF