Hey list,
I used to write installation routines for scheme modules in bourne
shell, that would ask the guile interpreter for (%site-path) etc.
If I call out to guile anyway, I suppose it's more natural to implement
the whole thing in scheme. That's what I did, with the help of ‘ftw’
from the (ice-9 ftw) module. That's when I stumbled across the following
odd behaviour:
Since it's an installation routine, it's likely to be called by someone
different than the owner of the directory holding the source code of a
project. The root-directory of my project has mode 0700 with a user
different from root:
[snip]
% ls -ladn .
drwx------ 11 1000 1000 4096 Feb 18 00:53 .
[snap]
In that directory and as root, I'm doing the following at guile's REPL:
[snip]
scheme@(guile-user)> (use-modules (ice-9 ftw))
scheme@(guile-user)> (format #t "UID: ~d, EUID: ~d~%" (getuid) (geteuid))
UID: 0, EUID: 0
$1 = #t
scheme@(guile-user)> (ftw "." (lambda (name stat flag)
(format #t "~s: ~s~%" name flag)))
".": directory-not-readable
$2 = #t
[snap]
The code treats root like a normal user, disregarding the fact that this
particular users will be able to access any file or directory no matter
the ownership or mode. Indeed, the ‘scandir’ routine from the same
module will read the contents of that directory just fine.
Maybe the accessibility code should be disabled when (geteuid) returns
zero?
Regards, Frank
--
In protocol design, perfection has been reached not when there is
nothing left to add, but when there is nothing left to take away.
-- RFC 1925
