From: Stephen Gildea Date: Fri, 20 Dec 2019 17:15:13 +0000 (-0800) Subject: backup-by-copying-when-privileged-mismatch applies to file gid, too. X-Git-Tag: emacs-27.0.90~322 X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=678a71ea2d044f19f75e3f45c930c5e3b707e3dc;p=emacs.git backup-by-copying-when-privileged-mismatch applies to file gid, too. * lisp/files.el (backup-by-copying-when-privileged-mismatch): In addition to checking the file uid, a second test is added: if the file gid is not greater than backup-by-copying-when-privileged-mismatch, backup-by-copying-when-mismatch will also be forced on. * doc/emacs/files.texi, doc/lispref/backups.texi: Updated documentation. Also fixed a typo in the Emacs reference manual, changing "higher" to "no greater" so that the limit is no longer documented reversed. --- diff --git a/doc/emacs/files.texi b/doc/emacs/files.texi index 7221edcc1b2..f5dd408cc9f 100644 --- a/doc/emacs/files.texi +++ b/doc/emacs/files.texi @@ -690,8 +690,9 @@ non-@code{nil} (the default is @code{t}), and renaming would change the file's owner or group, use copying. If you change @code{backup-by-copying-when-mismatch} to @code{nil}, -Emacs checks the numeric user-id of the file's owner. If this is -higher than @code{backup-by-copying-when-privileged-mismatch}, then it +Emacs checks the numeric user-id of the file's owner and the numeric +group-id of the file's group. If either is +no greater than @code{backup-by-copying-when-privileged-mismatch}, then it behaves as though @code{backup-by-copying-when-mismatch} is non-@code{nil} anyway. diff --git a/doc/lispref/backups.texi b/doc/lispref/backups.texi index 6a5b6d1661d..c17d98eb190 100644 --- a/doc/lispref/backups.texi +++ b/doc/lispref/backups.texi @@ -232,11 +232,11 @@ non-@code{nil}. @defopt backup-by-copying-when-privileged-mismatch This variable, if non-@code{nil}, specifies the same behavior as @code{backup-by-copying-when-mismatch}, but only for certain user-id -values: namely, those less than or equal to a certain number. You set -this variable to that number. +and group-id values: namely, those less than or equal to a certain number. +You set this variable to that number. Thus, if you set @code{backup-by-copying-when-privileged-mismatch} -to 0, backup by copying is done for the superuser only, +to 0, backup by copying is done for the superuser and group 0 only, when necessary to prevent a change in the owner of the file. The default is 200. diff --git a/etc/NEWS b/etc/NEWS index 6e0b039ce30..678139ecbcf 100644 --- a/etc/NEWS +++ b/etc/NEWS @@ -533,6 +533,11 @@ The HIST argument of 'read-from-minibuffer' now works correctly with buffer-local variables. This means that different buffers can have their own separated input history list if desired. +** 'backup-by-copying-when-privileged-mismatch' applies to file gid, too. +In addition to checking the file owner uid, Emacs also checks that the +group gid is not greater than backup-by-copying-when-privileged-mismatch; +if so, backup-by-copying-when-mismatch will be forced on. + * Editing Changes in Emacs 27.1 diff --git a/lisp/files.el b/lisp/files.el index a384e7136e8..96f1e8d47e7 100644 --- a/lisp/files.el +++ b/lisp/files.el @@ -134,10 +134,11 @@ This variable is relevant only if `backup-by-copying' is nil." (defcustom backup-by-copying-when-privileged-mismatch 200 "Non-nil means create backups by copying to preserve a privileged owner. Renaming may still be used (subject to control of other variables) -when it would not result in changing the owner of the file or if the owner -has a user id greater than the value of this variable. This is useful -when low-numbered uid's are used for special system users (such as root) -that must maintain ownership of certain files. +when it would not result in changing the owner of the file or if the +user id and group id of the file are both greater than the value of +this variable. This is useful when low-numbered uid's and gid's are +used for special system users (such as root) that must maintain +ownership of certain files. This variable is relevant only if `backup-by-copying' and `backup-by-copying-when-mismatch' are nil." :type '(choice (const nil) integer) @@ -4634,8 +4635,10 @@ BACKUPNAME is the backup file name, which is the old file renamed." (let ((attr (file-attributes real-file-name 'integer))) - (<= (file-attribute-user-id attr) - copy-when-priv-mismatch)))) + (or (<= (file-attribute-user-id attr) + copy-when-priv-mismatch) + (<= (file-attribute-group-id attr) + copy-when-priv-mismatch))))) (not (file-ownership-preserved-p real-file-name t))))) setmodes)