Fix permissions bugs with setgid directories etc.

* configure.ac (BSD4_2): Remove; no longer needed.
* admin/CPP-DEFINES (BSD4_2): Remove.
* doc/lispintro/emacs-lisp-intro.texi (Files List):
directory-files-and-attributes now outputs t for attribute that's
now a placeholder.
* doc/lispref/files.texi (Testing Accessibility): Document GROUP arg
of file-ownership-preserved-p.
(File Attributes): Document that 9th element is now
just a placeholder.
* doc/lispref/os.texi (User Identification): Document new functions group-gid,
group-real-gid.
* etc/NEWS: Document changes to file-attributes,
file-ownership-preserved-p.
Mention new functions group-gid, group-real-gid.
* lisp/files.el (backup-buffer): Don't rely on 9th output of
file-attributes, as it's now a placeholder.  Instead, use the new
optional arg of file-ownership-preserved-p.
(file-ownership-preserved-p): New optional arg GROUP.
Fix mishandling of setuid directories that would cause this
function to return t when it should have returned nil.
Document what happens if the file does not exist, and when
it's not known whether the ownership will be preserved.
* lisp/net/tramp-sh.el (tramp-sh-handle-file-ownership-preserved-p):
Likewise.
(tramp-get-local-gid): Use group-gid for integer, as that's
faster and more reliable.
* src/dired.c (Ffile_attributes): Return t as the 9th attribute,
to mark it as a placeholder.  The old value was often wrong.
The only user of this attribute has been changed to use
file-ownership-preserved-p instead, with its new group arg.
* src/editfns.c (Fgroup_gid, Fgroup_real_gid): New functions.

Fixes: debbugs:13125

5 files changed, 36 insertions, 7 deletions

diff --git a/doc/lispintro/ChangeLog b/doc/lispintro/ChangeLog
index 51c6a53fcd8..8e7278ee2ee 100644
--- a/doc/lispintro/ChangeLog
+++ b/doc/lispintro/ChangeLog
@@ -1,3 +1,10 @@
+2012-12-14  Paul Eggert  <eggert@cs.ucla.edu>
+
+        Fix permissions bugs with setgid directories etc. (Bug#13125)
+        * emacs-lisp-intro.texi (Files List):
+        directory-files-and-attributes now outputs t for attribute that's
+        now a placeholder.
+
 2012-12-06  Paul Eggert  <eggert@cs.ucla.edu>
 
         * doclicense.texi: Update to latest version from FSF.
diff --git a/doc/lispintro/emacs-lisp-intro.texi b/doc/lispintro/emacs-lisp-intro.texi
index 34ef7cc093c..5111ee116a3 100644
--- a/doc/lispintro/emacs-lisp-intro.texi
+++ b/doc/lispintro/emacs-lisp-intro.texi
@@ -15687,7 +15687,7 @@ nil
 "-rw-r--r--"
 @end group
 @group
-nil
+t
 2971624
 773)
 @end group
diff --git a/doc/lispref/ChangeLog b/doc/lispref/ChangeLog
index b0727694b3d..8a99f8c9c40 100644
--- a/doc/lispref/ChangeLog
+++ b/doc/lispref/ChangeLog
@@ -1,3 +1,13 @@
+2012-12-14  Paul Eggert  <eggert@cs.ucla.edu>
+
+        Fix permissions bugs with setgid directories etc. (Bug#13125)
+        * files.texi (Testing Accessibility): Document GROUP arg
+        of file-ownership-preserved-p.
+        (File Attributes): Document that 9th element is now
+        just a placeholder.
+        * os.texi (User Identification): Document new functions group-gid,
+        group-real-gid.
+
 2012-12-11  Paul Eggert  <eggert@cs.ucla.edu>
 
         * internals.texi (C Integer Types): New section.
diff --git a/doc/lispref/files.texi b/doc/lispref/files.texi
index 863acbe3949..c0c2221a394 100644
--- a/doc/lispref/files.texi
+++ b/doc/lispref/files.texi
@@ -895,11 +895,14 @@ returns @code{nil}.  However, if the open fails, it signals an error
 using @var{string} as the error message text.
 @end defun
 
-@defun file-ownership-preserved-p filename
+@defun file-ownership-preserved-p filename &optional group
 This function returns @code{t} if deleting the file @var{filename} and
 then creating it anew would keep the file's owner unchanged.  It also
 returns @code{t} for nonexistent files.
 
+If the optional argument @var{group} is non-@code{nil}, this function
+also checks that the file's group would be unchanged.
+
 If @var{filename} is a symbolic link, then, unlike the other functions
 discussed here, @code{file-ownership-preserved-p} does @emph{not}
 replace @var{filename} with its target.  However, it does recursively
@@ -1246,8 +1249,7 @@ The file's modes, as a string of ten letters or dashes,
 as in @samp{ls -l}.
 
 @item
-@code{t} if the file's @acronym{GID} would change if file were
-deleted and recreated; @code{nil} otherwise.
+An unspecified value, present for backward compatibility.
 
 @item
 The file's inode number.  If possible, this is an integer.  If the
@@ -1279,7 +1281,7 @@ For example, here are the file attributes for @file{files.texi}:
           (20000 23 0 0)
           (20614 64555 902289 872000)
           122295 "-rw-rw-rw-"
-          nil  (5888 2 . 43978)
+          t (5888 2 . 43978)
           (15479 . 46724))
 @end group
 @end example
@@ -1318,8 +1320,8 @@ end-of-line format is CR-LF.)
 @item "-rw-rw-rw-"
 has a mode of read and write access for the owner, group, and world.
 
-@item nil
-would retain the same @acronym{GID} if it were recreated.
+@item t
+is merely a placeholder; it carries no information.
 
 @item (5888 2 . 43978)
 has an inode number of 6473924464520138.
diff --git a/doc/lispref/os.texi b/doc/lispref/os.texi
index e2161f51489..4b9cdfaae9e 100644
--- a/doc/lispref/os.texi
+++ b/doc/lispref/os.texi
@@ -1157,6 +1157,16 @@ This function returns the effective @acronym{UID} of the user.
 The value may be a floating point number.
 @end defun
 
+@defun group-gid
+This function returns the effective @acronym{GID} of the Emacs process.
+The value may be a floating point number.
+@end defun
+
+@defun group-real-gid
+This function returns the real @acronym{GID} of the Emacs process.
+The value may be a floating point number.
+@end defun
+
 @defun system-users
 This function returns a list of strings, listing the user names on the
 system.  If Emacs cannot retrieve this information, the return value