Project

General

Profile

Actions

Bug #13612

closed

The file from Rudder server technique may change permission of the destination parent directory instead of the file

Added by Benoît PECCATTE over 2 years ago. Updated 7 months ago.

Status:
Released
Priority:
N/A
Category:
Techniques
Target version:
Severity:
Critical - prevents main use of Rudder | no workaround | data loss | security
User visibility:
Getting started - demo | first install | level 1 Techniques
Effort required:
Very Small
Priority:
0

Description

When the source is a file and the destination is a directory, the source is not copied and the destination permission are modified.

We should change this behaviour.


Subtasks 1 (0 open1 closed)

ncf - Bug #16176: rudder_copy_from should check for file typeReleasedBenoît PECCATTEActions

Related issues

Related to ncf - Bug #16267: Copying a file to a directory using the "file_from_shared_folder" method results in a success report even if nothing is doneReleasedAlexis MOUSSETActions
Actions #1

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 4.3.5 to 4.3.6
Actions #2

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 4.3.6 to 4.3.7
Actions #3

Updated by François ARMAND over 2 years ago

  • Severity set to Critical - prevents main use of Rudder | no workaround | data loss | security
  • User visibility set to Getting started - demo | first install | level 1 Techniques
  • Effort required set to Very Small
  • Priority changed from 0 to 122

This is a security issue, because you can mess up file permission with that.
The "very small" is to at least find a way to prevent that behavior.

Actions #4

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 4.3.7 to 4.3.8
  • Priority changed from 122 to 0
Actions #5

Updated by Vincent MEMBRÉ over 2 years ago

  • Target version changed from 4.3.8 to 4.3.9
Actions #6

Updated by Alexis MOUSSET over 2 years ago

  • Target version changed from 4.3.9 to 4.3.10
Actions #7

Updated by François ARMAND about 2 years ago

  • Target version changed from 4.3.10 to 4.3.11
Actions #8

Updated by Vincent MEMBRÉ about 2 years ago

  • Target version changed from 4.3.11 to 4.3.12
Actions #9

Updated by Vincent MEMBRÉ almost 2 years ago

  • Target version changed from 4.3.12 to 4.3.13
Actions #10

Updated by Vincent MEMBRÉ almost 2 years ago

  • Target version changed from 4.3.13 to 4.3.14
Actions #11

Updated by Vincent MEMBRÉ almost 2 years ago

  • Target version changed from 4.3.14 to 587
Actions #12

Updated by Vincent MEMBRÉ almost 2 years ago

  • Target version changed from 587 to 4.3.14
Actions #13

Updated by Alexis MOUSSET almost 2 years ago

  • Target version changed from 4.3.14 to 5.0.13
Actions #14

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 5.0.13 to 5.0.14
Actions #15

Updated by Vincent MEMBRÉ over 1 year ago

  • Target version changed from 5.0.14 to 5.0.15
Actions #16

Updated by Félix DALLIDET over 1 year ago

  • Status changed from New to In progress
  • Assignee set to Félix DALLIDET
Actions #17

Updated by Félix DALLIDET over 1 year ago

cfengine offers the "check_type" option on its copy_from bundle to fail if we are dealing with unmatching file type (link/dir/file).
Enforcing it, should solve the problem.

Actions #18

Updated by Félix DALLIDET over 1 year ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Félix DALLIDET to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/1557
Actions #19

Updated by Félix DALLIDET over 1 year ago

  • Status changed from Pending technical review to Pending release
Actions #24

Updated by Félix DALLIDET over 1 year ago

  • Related to Bug #16267: Copying a file to a directory using the "file_from_shared_folder" method results in a success report even if nothing is done added
Actions #27

Updated by Vincent MEMBRÉ over 1 year ago

This bug has been fixed in Rudder 5.0.15 which was released today.

Actions #28

Updated by Vincent MEMBRÉ 7 months ago

  • Status changed from Pending release to Released
Actions

Also available in: Atom PDF