Nautilus

Inconsistency with Nautilus drag&drop and ACL

Bug #137458 reported by Holger Berndt
10
Affects Status Importance Assigned to Milestone
Nautilus
New
Medium
nautilus (Ubuntu)
Fix Released
Low
Ubuntu Desktop Bugs

Bug Description

Binary package hint: nautilus

I am using Nautilus in connection with Eiciel for ACL support (what is the status of Nautilus' native ACL support anyways? I heard it should be there from GNOME 2.16 on...). When I copy a directory with files from a partition that was not mounted with acl support, file permissions differ depending on whether I do this copy operation from a shell (cp -r) or via Drag&Drop in Nautilus. In my oppinion, the file permissions via the shell command are more sensible.

----------------------------------
Permissions of the source directory (not mounted with ACL support)
hb@wodan:~$ getfacl .
# file: .
# owner: hb
# group: hb
user::rwx
group::r-x
other::r-x

----------------------------------
Permissions of the target directory (mounted with ACL support)
hb@wodan:~$ cd /var/pictures/
hb@wodan:/var/pictures$ getfacl .
# file: .
# owner: root
# group: pictures
user::rwx
group::rwx
other::---
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::---

----------------------------------
Permissions of a subdirectory and a file in the subdirectory of the target directory (mounted with ACL support) that has been copied via the shell
hb@wodan:/var/pictures$ getfacl copy_s #this is a directory
# file: copy_s
# owner: hb
# group: pictures
user::rwx
group::rwx #effective:r-x
mask::r-x
other::---
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::---

hb@wodan:/var/pictures$ getfacl copy_s/copy_s # this is a file
# file: copy_s/copy_s
# owner: hb
# group: pictures
user::rw-
group::rwx #effective:r--
mask::r--
other::---

----------------------------------
Permissions of a subdirectory and a file in the subdirectory of the target directory (mounted with ACL support) that has been copied via Nautilus Drag&Drop
hb@wodan:/var/pictures$ getfacl copy_n
# file: copy_n
# owner: hb
# group: pictures
user::rwx
group::rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::rwx
default:mask::rwx
default:other::---

hb@wodan:/var/pictures$ getfacl copy_n/copy_n
# file: copy_n/copy_n
# owner: hb
# group: pictures
user::rw-
group::rwx #effective:r--
mask::r--
other::r--

----------------------------------------------------------------------------------------------------

Note how the permissions of "other" differ. I very much prefer them the way the shell does it. Since Nautilus is granting unwanted read access for world, I am marking this bug as a security vulnerability.

Revision history for this message
Pedro Villavicencio (pedro) wrote :

Thanks for your report, feel free to forward it upstream to bugzilla.gnome.org since you're facing the issue and known Eiciel better to response to the question upstream will do it. thanks.

Changed in nautilus:
importance: Undecided → Low
Revision history for this message
Holger Berndt (berndth) wrote :

Submitted upstream (Bug #504049 in GNOME bugzilla)

Revision history for this message
Pedro Villavicencio (pedro) wrote :

thanks a lot, linking the report now.

Changed in nautilus:
assignee: nobody → desktop-bugs
status: New → Triaged
Bug Watch Updater (bug-watch-updater)
Changed in nautilus:
status: Unknown → New
Revision history for this message
logari81 (logari81) wrote :

I created a patch fixing this issue. I have also submitted it upstream:
http://bugzilla.gnome.org/show_bug.cgi?id=549437
would be nice to see it in jaunty.

Revision history for this message
logari81 (logari81) wrote :

oops... ignore my last post, obviously I had posted it in the false thread.

Revision history for this message
Victor Vargas (kamus) wrote :

Since this report have a long time without activity, please could you check if this issue is still affecting you under latest release included in Ubuntu Lucid? Thanks in advance.

Changed in nautilus (Ubuntu):
status: Triaged → Incomplete
Bug Watch Updater (bug-watch-updater)
Changed in nautilus:
importance: Unknown → Medium
Revision history for this message
rusivi2 (rusivi2-deactivatedaccount) wrote :

We'd like to figure out what's causing this bug for you, but we haven't heard back from you in a while. Could you please provide the requested information? Thanks!

Sebastien Bacher (seb128)
Changed in nautilus (Ubuntu):
status: Incomplete → Triaged
Changed in nautilus:
importance: Medium → Unknown
status: New → Unknown
Changed in nautilus (Ubuntu):
status: Triaged → Fix Released
Revision history for this message
Pascal S (pascal.s) wrote :

Why is this bug assigned to https://bugzilla.gnome.org/show_bug.cgi?id=549437 ?
It should be assigned to https://bugzilla.gnome.org/show_bug.cgi?id=504049. As far as I know, bug is still present in Ubuntu 11.04.

Bug Watch Updater (bug-watch-updater)
Changed in nautilus:
importance: Unknown → Medium
status: Unknown → New
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.