Commits on Mar 15, 2023

1. Use OS-default permissions when creating archive root …

   The archive.WriteDirToTar function takes a boolean `includeRoot` as an
   argument that controls whether the tar archive created should include a
   root directory. It also allows users to pass a sentinel value of -1 when
   specifying the `mode` argument which results in the archive adopting the
   file permissions for the existing files and directories from the given
   source.
   
   When these two features combine, we have some strange behavior. The root
   directory is created adhoc in the tar archive with its mode set to the
   given value of the `mode` argument. When that value is -1, this
   translates into an `fs.FileMode`, which is a type of `uint32`, with a
   value that looks like `dalTLDpSugct?rwxrwxrwx`. If that looks odd, it
   looks less so in octal, `37777777777`. Ultimately, this overflows and
   results in the permission bits `7777` being set, which results in a file
   mode of `rwsrwsrwt`.
   
   The key issue here is that we've triggered the special bits on the
   permission set. Specifically, we're setting SUID, SGID, and Sticky. This
   is strange to do in a function that simply wants to archive a directory.
   
   Instead of the above described behavior, this change causes the
   `archive.WriteDirToTar` function to follow the more standardized default
   permissions for directory creation, that is to use 0777 and apply the
   `umask`. This results in much more reasonable permission settings for
   this root archive directory.
   
   Signed-off-by: Ryan Moran <rmoran@vmware.com>

   Ryan Moran committed Mar 15, 2023
   Configuration menu

   • View commit details
   • Copy full SHA for 1186f6a
   • Browse repository at this point

   Copy the full SHA

   1186f6a View commit details

   Browse the repository at this point in the history