Re: Broken 'test -x' behaviour for euid=0 on Solaris

Thu, 28 Feb 2013 11:17:59 -0800 

On 2/28/13 9:24 AM, Jonathan Perkin wrote:
> The implementation-defined behaviour of access() and faccessat() on Solaris is
> as follows:
> 
>     If any access permissions are to be checked, each will be
>     checked individually,  as  described  in  Intro(2).  If  the
>     process has appropriate privileges, an implementation  may
>     indicate  success for  X_OK  even  if  none of the execute file
>     permission bits are set.
> 
> As such, 'test -x' performed as root will return true even for files
> which are not executable:
> 
>   bash-4.2# uname -srvm
>   SunOS 5.11 joyent_20120126T071347Z i86pc
>   bash-4.2# echo $BASH_VERSION 
>   4.2.42(1)-release
>   bash-4.2# touch /var/tmp/foo
>   bash-4.2# ls -l /var/tmp/foo
>   -rw-r--r--   1 root     root           0 Feb 28 14:13 /var/tmp/foo
>   bash-4.2# test -x /var/tmp/foo
>   bash-4.2# echo $?
>   0
>   bash-4.2# /bin/test -x /var/tmp/foo
>   bash-4.2# echo $?
>   1
>   bash-4.2# 
> 
> There is already handling for this chosen behaviour within sh_eaccess(), so it
> is simply a matter of extending it for the faccessat() case, as implemented in
> the patch below (against current git from git://git.sv.gnu.org/bash.git):

Thanks for the report.  The code in the devel git branch looks like this:

#if (defined (HAVE_FACCESSAT) && defined (AT_EACCESS)) || defined
(HAVE_EACCESS)
#  if defined (HAVE_FACCESSAT) && defined (AT_EACCESS)
  ret = faccessat (AT_FDCWD, path, mode, AT_EACCESS);
#  else         /* HAVE_EACCESS */      /* FreeBSD */
  ret = eaccess (path, mode);   /* XXX -- not always correct for X_OK */
#  endif        /* HAVE_EACCESS */
#  if defined (__FreeBSD__) || defined (SOLARIS)
  if (ret == 0 && current_user.euid == 0 && mode == X_OK)
    return (sh_stataccess (path, mode));
#  endif        /* __FreeBSD__ || SOLARIS */
  return ret;
#elif defined (EFF_ONLY_OK)             /* SVR4(?), SVR4.2 */
  return access (path, mode|EFF_ONLY_OK);
#else
  if (mode == F_OK)
    return (sh_stataccess (path, mode));

It looks like I made that change some time ago.

Chet
-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, ITS, CWRU    c...@case.edu    http://cnswww.cns.cwru.edu/~chet/

Reply via email to