Bug#375534: Normal unix file system permission (no security breach)

[Martintxo]

Hello:

Oh la-la, one feature }:-P

First of all, excuse my ignorance of unix/linux system and permissions. I'm
a simple user... Many thanks for the complete explanation, and for the
patience...

Anyway, I think that the current behavior with the ogg files is not the
correct one (in my humble opinion).

Lest say that we have a dir with mp3 and ogg files, and all are read only
for the normal user (but owned by he, a "normal" scenario). If he want to
change the file tags with one app (easytag, tagtool...), when he want to
change one mp3 file, the app says "Permission denied" (easytag), and no tag
is changed (OK behavior). (Tagtool directly no permits to change the tags
in a read-only mp3, but yes in a read-only ogg).

But if we want change a ogg file, the app says nothing, and the tags are
changed (the file is altered, and it was a read-only file!).

So I also think that vorbiscoment must say something ("Permission denied"
is OK) in this case, and no change the tags. And the other apps
(easytag...) catch the response and show it.

But well, this all is only a "filosofical" thought, not theme for a Debian
bug. Excuse for the "gibberish". Thanks for the great job in Debian.
Greetings. Martintxo.


Mon, 26 Jun 2006 22:26:05 +0200 eguna,
Helge Kreutzmann <debian at helgefjell.de>(e)k idatzi zuen:

> severity 375534 minor
> retitle 375534 vorbisinfo should warn before replacing non-writable files
> tags 375534 - security
> thanks robot
> 
> This is not a (security) bug but normal behaviour. Let me explain what
> happens. To follow, please run the following two commands: