From bed60101f4925eb2cce736301f5cc45ad267c187 Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Sun, 10 Jan 2021 08:06:09 +0100 Subject: [PATCH] nametransform: make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable Make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable to make encrypted backups easier when mounting via fstab. Having the files follow chmod/chown of their parent does not seem to be worth the hassle. The content of the diriv files is not secret, and both diriv and name files are protected by the perms of the parent dir. Fixes https://github.com/rfjakob/gocryptfs/issues/539 --- README.md | 2 ++ internal/fusefrontend/node.go | 4 ++++ internal/nametransform/perms.go | 24 +++++++++++++++++------- tests/cli/cli_test.go | 6 ++++-- 4 files changed, 27 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 1014471..c20fd29 100644 --- a/README.md +++ b/README.md @@ -193,6 +193,8 @@ Changelog vNEXT, in progress * MANPAGE: Split options into sections acc. to where they apply ([#517](https://github.com/rfjakob/gocryptfs/issues/517)) * `-idle`: count cwd inside the mount as busy ([#533](https://github.com/rfjakob/gocryptfs/issues/533)) +* Make `gocryptfs.diriv` and `gocryptfs.xxx.name` files world-readable to make encrypted backups easier + when mounting via [/etc/fstab](Documentation/MANPAGE.md#fstab) ([#539](https://github.com/rfjakob/gocryptfs/issues/539)) v2.0-beta2, 2020-11-14 * Improve [performance](Documentation/performance.txt#L69) diff --git a/internal/fusefrontend/node.go b/internal/fusefrontend/node.go index 80d642c..87ba835 100644 --- a/internal/fusefrontend/node.go +++ b/internal/fusefrontend/node.go @@ -239,6 +239,10 @@ func (n *Node) Setattr(ctx context.Context, f fs.FileHandle, in *fuse.SetAttrIn, defer syscall.Close(dirfd) // chmod(2) + // + // gocryptfs.diriv & gocryptfs.longname.[sha256].name files do NOT get chmod'ed + // or chown'ed with their parent file/dir for simplicity. + // See nametransform/perms.go for details. if mode, ok := in.GetMode(); ok { errno = fs.ToErrno(syscallcompat.FchmodatNofollow(dirfd, cName, mode)) if errno != 0 { diff --git a/internal/nametransform/perms.go b/internal/nametransform/perms.go index 98b51d6..cfcd062 100644 --- a/internal/nametransform/perms.go +++ b/internal/nametransform/perms.go @@ -1,16 +1,26 @@ package nametransform const ( - // Permissions for gocryptfs.diriv files + // Permissions for gocryptfs.diriv files. + // The gocryptfs.diriv files are created once, never modified, + // never chmod'ed or chown'ed. // - // It makes sense to have the diriv files group-readable so the FS can - // be mounted from several users from a network drive (see - // https://github.com/rfjakob/gocryptfs/issues/387 ). + // Group-readable so the FS can be mounted by several users in the same group + // (see https://github.com/rfjakob/gocryptfs/issues/387 ). // // Note that gocryptfs.conf is still created with 0400 permissions so the // owner must explicitly chmod it to permit access. - dirivPerms = 0440 + // + // World-readable so an encrypted directory can be copied by the non-root + // owner when gocryptfs is running as root + // ( https://github.com/rfjakob/gocryptfs/issues/539 ). + dirivPerms = 0444 - // Permissions for gocryptfs.longname.[sha256].name files - namePerms = 0400 + // Permissions for gocryptfs.longname.[sha256].name files. + // The .name files are created once, never modified, + // never chmod'ed or chown'ed. + // + // Group- and world-readable for the same reasons as the gocryptfs.diriv + // files (see above). + namePerms = 0444 ) diff --git a/tests/cli/cli_test.go b/tests/cli/cli_test.go index 6aa2feb..2872592 100644 --- a/tests/cli/cli_test.go +++ b/tests/cli/cli_test.go @@ -59,8 +59,10 @@ func TestInitFilePerms(t *testing.T) { syscall.Stat(dir+"/gocryptfs.diriv", &st) perms = st.Mode & 0777 // From v1.7.1, these are created with 0440 permissions, see - // https://github.com/rfjakob/gocryptfs/issues/387 - if perms != 0440 { + // https://github.com/rfjakob/gocryptfs/issues/387 . + // From v2.0, created with 0444 perms, see + // https://github.com/rfjakob/gocryptfs/issues/539 . + if perms != 0444 { t.Errorf("Wrong permissions for gocryptfs.diriv: %#o", perms) } }