[pseudo,0/6] Permission/setuid/setgid handling

Message ID 1780519148-30836-1-git-send-email-mark.hatle@kernel.crashing.org

Mark Hatle June 3, 2026, 8:39 p.m. UTC
Victor Kamensky noticed and submitted a change where a file could have +s
defined and this would be set in the real filesystem.  This potentially
opens up a condition where a script or executable could be run as a specific
user's uid or gid which could lead to unintended consequences.

Victor's change filters out setuid/setgid from the on-disk permissions.

In the course of working on this issue (including writing test cases), it
was observed that there was an existing bug where if the user did a
mkdir followed by a +s on the directory the Linux kernel would prevent
the +s mode.  This had the side effect of the +s not being present
when the directory was later scanned.  (+s is only allowed on root-owned
directories.)  This bug has never been reported but is now fixed as well.

This led to the case where we also updated the documentation in the code
to make it more clear what PSEUDO_DB_MODE and PSEUDO_FS_MODE do and how
they need to be kept in sync.

These changes have been pushed to pseudo master branch.


Mark Hatle (5):
  Makefile.in: Add pseudo_client.h as a dependency
  pseudo_client.h: Make it clear both macros must be updated together
  tests: Add test that returned stat is correct
  pseudo_client.h: Add +s to PSEUDO_DB_MODE for mkdir
  tests: Add setuid permission check

Victor Kamensky (1):
  client: permissions drop setuid and setgid

 Makefile.in                     |   2 +-
 pseudo_client.h                 |  13 ++++-
 test/test-db-mode.c             | 117 ++++++++++++++++++++++++++++++++++++++++
 test/test-db-mode.sh            |  10 ++++
 test/test-setuid-permissions.sh |  58 ++++++++++++++++++++
 5 files changed, 197 insertions(+), 3 deletions(-)
 create mode 100644 test/test-db-mode.c
 create mode 100755 test/test-db-mode.sh
 create mode 100755 test/test-setuid-permissions.sh
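
The idea described in the cover letter, as an added illustration that is not code from pseudo or from this series: the setuid/setgid bits are stripped before the mode reaches the real file, and the mode reported back is rebuilt from the on-disk bits plus the special bits that were requested. The names SPECIAL_BITS, disk_mode, recorded_mode and emulated_chmod and the scratch path are hypothetical; pseudo's own PSEUDO_FS_MODE and PSEUDO_DB_MODE macros are not reproduced here.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/stat.h>

/* Hypothetical mask: bits kept only in the recorded mode, never on disk. */
#define SPECIAL_BITS (S_ISUID | S_ISGID)

/* Mode that is safe to apply to the real file: setuid/setgid removed. */
static mode_t disk_mode(mode_t requested) {
    return requested & 07777 & ~SPECIAL_BITS;
}

/* Mode to report: permission bits found on disk plus the special bits the
 * caller asked for, which the real filesystem was never given. */
static mode_t recorded_mode(mode_t on_disk, mode_t requested) {
    return (on_disk & 07777 & ~SPECIAL_BITS) | (requested & SPECIAL_BITS);
}

/* Emulated chmod on a scratch file. Returns 0 on success and fills in the
 * mode actually present on disk and the mode that would be reported. */
int emulated_chmod(mode_t requested, mode_t *on_disk, mode_t *reported) {
    char path[] = "/tmp/suid-demo-XXXXXX";   /* constructed scratch path */
    struct stat st;
    int rc = -1;
    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    if (fchmod(fd, disk_mode(requested)) == 0 && fstat(fd, &st) == 0) {
        *on_disk = st.st_mode & 07777;
        *reported = recorded_mode(st.st_mode, requested);
        rc = 0;
    }
    close(fd);
    unlink(path);
    return rc;
}

int main(void) {
    mode_t disk, rep;
    if (emulated_chmod(06755, &disk, &rep) != 0) {
        perror("emulated_chmod");
        return 1;
    }
    printf("requested 06755, on disk %04o, reported %04o\n",
           (unsigned)disk, (unsigned)rep);
    return 0;
}
```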