fusefrontend_reverse: consistent file owners for .diriv, .name files

This PR addresses the Issue #95, about "Confusing file owner for
longname files in reverse mode".

It affects only the reverse mode, and introduces two
modifications:

1) The "gocryptfs.longname.XXXX.name" files are assigned the owner and
group of the underlying plaintext file. Therefore it is consistent
with the file "gocryptfs.longname.XXXX" that has the encrypted
contents of the plaintext file.

2) The two virtual files mentioned above are given -r--r--r--
permissions. This is consistent with the behavior described in
function Access in internal/fusefrontend_reverse/rfs.go where all
virtual files are always readable. Behavior also observed in point
c) in #95 .

Issue #95 URL: https://github.com/rfjakob/gocryptfs/issues/95
Pull request URL: https://github.com/rfjakob/gocryptfs/pull/97

3 files changed, 8 insertions, 7 deletions

diff --git a/internal/fusefrontend_reverse/reverse_longnames.go b/internal/fusefrontend_reverse/reverse_longnames.go
index 1d19643..f1c45ca 100644
--- a/internal/fusefrontend_reverse/reverse_longnames.go
+++ b/internal/fusefrontend_reverse/reverse_longnames.go
@@ -96,6 +96,6 @@ func (rfs *ReverseFS) newNameFile(relPath string) (nodefs.File, fuse.Status) {
 		return nil, fuse.ToStatus(err)
 	}
 	content := []byte(rfs.nameTransform.EncryptName(e, dirIV))
-	parentFile := filepath.Join(rfs.args.Cipherdir, pDir)
+	parentFile := filepath.Join(rfs.args.Cipherdir, pDir, e)
 	return rfs.newVirtualFile(content, parentFile)
 }
diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go
index a3a3d3b..9dc2572 100644
--- a/internal/fusefrontend_reverse/rfs.go
+++ b/internal/fusefrontend_reverse/rfs.go
@@ -21,8 +21,9 @@ import (
 )
 
 const (
-	// DirIVMode is the mode to use for Dir IV files.
-	DirIVMode = syscall.S_IFREG | 0400
+	// virtualFileMode is the mode to use for virtual files (gocryptfs.diriv and gocryptfs.longname.*.name)
+	// they are always readable, as stated in func Access
+	virtualFileMode = syscall.S_IFREG | 0444
 )
 
 // ReverseFS implements the pathfs.FileSystem interface and provides an
@@ -108,7 +109,7 @@ func (rfs *ReverseFS) dirIVAttr(relPath string, context *fuse.Context) (*fuse.At
 		return nil, fuse.EPERM
 	}
 	// All good. Let's fake the file. We use the timestamps from the parent dir.
-	a.Mode = DirIVMode
+	a.Mode = virtualFileMode
 	a.Size = nametransform.DirIVLen
 	a.Nlink = 1
 	a.Ino = rfs.inoGen.next()
@@ -312,7 +313,7 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse.
 	virtualFiles := make([]fuse.DirEntry, len(entries)+1)
 	// Virtual gocryptfs.diriv file
 	virtualFiles[0] = fuse.DirEntry{
-		Mode: syscall.S_IFREG | 0400,
+		Mode: virtualFileMode,
 		Name: nametransform.DirIVFilename,
 	}
 	// Actually used entries
@@ -330,7 +331,7 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse.
 			if len(cName) > syscall.NAME_MAX {
 				cName = rfs.nameTransform.HashLongName(cName)
 				dotNameFile := fuse.DirEntry{
-					Mode: syscall.S_IFREG | 0600,
+					Mode: virtualFileMode,
 					Name: cName + nametransform.LongNameSuffix,
 				}
 				virtualFiles[nVirtual] = dotNameFile
diff --git a/internal/fusefrontend_reverse/virtualfile.go b/internal/fusefrontend_reverse/virtualfile.go
index cca4349..04de634 100644
--- a/internal/fusefrontend_reverse/virtualfile.go
+++ b/internal/fusefrontend_reverse/virtualfile.go
@@ -59,7 +59,7 @@ func (f *virtualFile) GetAttr(a *fuse.Attr) fuse.Status {
 	}
 	st.Ino = f.ino
 	st.Size = int64(len(f.content))
-	st.Mode = syscall.S_IFREG | 0400
+	st.Mode = virtualFileMode
 	st.Nlink = 1
 	a.FromStat(&st)
 	return fuse.OK