[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#12632: file permissions checking mishandled when setuid
From: |
Eli Zaretskii |
Subject: |
bug#12632: file permissions checking mishandled when setuid |
Date: |
Mon, 22 Oct 2012 19:19:53 +0200 |
> Date: Sun, 21 Oct 2012 23:03:30 -0700
> From: Paul Eggert <eggert@cs.ucla.edu>
> Cc: 12632@debbugs.gnu.org
>
> +/* If FILE is a searchable directory or a symlink to a
> + searchable directory, return true. Otherwise return
> + false and set errno to an error number. */
> +bool
> +file_accessible_directory_p (char const *file)
> +{
> + ptrdiff_t len = strlen (file);
> + bool ok;
> + int faccessat_errno;
> + USE_SAFE_ALLOCA;
> +
> + /* Normally a file F is an accessible directory if F/. is accessible.
> + But omit the "/." if F is empty, as "" is not "/."; and omit the
> + "/" if F ends in "/", as on some platforms "/" != "//". */
> + if (len)
> + {
> + char *buf = SAFE_ALLOCA (len + 3);
> + memcpy (buf, file, len);
> + strcpy (buf + len, "/." + (file[len - 1] == '/'));
> + file = buf;
> + }
I think this should use IS_DIRECTORY_SEP instead of a literal '/'.
> int
> -sys_access (const char * path, int mode)
> +sys_faccessat (int dirfd, const char * path, int mode, int flags)
> {
> DWORD attributes;
>
> + if (dirfd != AT_FDCWD)
> + {
> + errno = EINVAL;
> + return -1;
> + }
My reading of Posix is that this should set errno to EBADF, not
EINVAL.
There's also a problem that sys_faccessat won't have a prototype, so
compiling with -std=gnu99 will issue a warning, but that's not fatal,
and we can add that later.
- bug#12632: file permissions checking mishandled when setuid, (continued)
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/19
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/19
- bug#12632: file permissions checking mishandled when setuid, Glenn Morris, 2012/10/19
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/19
- bug#12632: file permissions checking mishandled when setuid, Richard Stallman, 2012/10/19
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/20
- bug#12632: file permissions checking mishandled when setuid, Glenn Morris, 2012/10/20
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/20
- bug#12632: file permissions checking mishandled when setuid, Glenn Morris, 2012/10/21
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/22
- bug#12632: file permissions checking mishandled when setuid,
Eli Zaretskii <=
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/22
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/22
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/22
- bug#12632: file permissions checking mishandled when setuid, Stefan Monnier, 2012/10/22
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/22
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/22
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/22
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/23
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/23
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/23