Re: Readable files: a Unix philosophy question for gurus
From: Jim Meyering
Subject: Re: Readable files: a Unix philosophy question for gurus
Date: Sun, 09 Feb 2003 10:14:32 +0100

Hi Nelson,

Thanks for bringing that up!
There is indeed a problem with the `test' in the coreutils --
and with the nearly identical built-in provided by bash.

I've just changed the one in coreutils to use euidaccess
(either the one in libc, or the supplied replacement).
That solves the problem only in the (albeit common) case
in which effective and actual UID and GID are identical.

Now, using the just-patched binary,
`test -w' fails when applied to e.g., an immutable file:

  $ f=/tmp/im; : > $f; sudo chattr +i $f
  $ ./test -w $f || echo not writable
  not writable
  $ ls -go $f
  -rw-r--r-- 1 0 Feb 9 10:02 /tmp/im

However, it'd still do the wrong thing if you ran it from a
`su'd shell, because it would not be able to rely on using
the `access' function.

Jim

"Nelson H. F. Beebe" <beebe@math.utah.edu> wrote:
> In "man test", we find this documentation:
>
> -r FILE
> FILE exists and is readable
>
> Similar wording appears in vendor man pages, although Compaq OSF/1
> is a bit more precise:
>
> -r file
> TRUE if file exists and has read permission.
>
> Consider a file with these permissions:
>
> % ls -l foo.xml
> -rwSr-Srwx 2 beebe staff 174440 Feb 8 08:20 foo.xml
>
> created by
>
> chmod u+s,g+s,o+rwxt foo.xml
>
> Now look at this:
>
> (1) On the file server:
>
> /bin/test -r foo.xml && echo file is readable
> file is readable
>
> /usr/local/bin/test -r foo.xml && echo file is readable
> file is readable
>
> /usr/local/bin/test --version
> test (GNU coreutils) 4.5.6
> ...
>
> /bin/cat foo.xml > /dev/null
>
> echo $?
> 0
>
> (2) On a [Sun Solaris 2.8] client, where the filesystem is mounted via
> NFS with the attributes remote/read/write/nosuid/grpid/intr/noquota:
>
> /bin/test -r foo.xml && echo file is readable
> [no output]
>
> /usr/local/bin/test -r foo.xml && echo file is readable
> file is readable
>
> /bin/cat foo.xml > /dev/null
> cat: cannot open foo.xml
>
> /usr/local/bin/cat foo.xml > /dev/null
> /usr/local/bin/cat: foo.xml: Permission denied
>
> echo $?
> 1
>
> The $65,536 question is: what should test report? In this case, the
> setuid bit combined with the mount options makes the file unreadable,
> and the Solaris test command reflects that, but the GNU coreutils
> one does not.
>
> Experiments with native test on other systems produced these results:
>
> SGI IRIX 6.5: file is readable, cat fails
> Compaq OSF/1 4.0: no output from test, cat fails
>
> On AIX, my home filesystem is not mounted with special attributes, so
> I could not make the same experiment.
>
> On FreeBSD, chmod would not do g+s or o+t for me, and the file
> remained readable for both test and cat.
>
> My feeling is that the GNU version of test (going back to at least
> sh-utils 2.0.11 on Red Hat 7.2, and likely much earlier), and the IRIX
> version too, are wrong.
>
> I think that one really should be able to do "test -r foo && cat foo"
> without cat failing because of permissions.
>
> Comments?
>
> -------------------------------------------------------------------------------
> - Nelson H. F. Beebe                    Tel: +1 801 581 5254                  -
> - Center for Scientific Computing       FAX: +1 801 581 4148                  -
> - University of Utah                    Internet e-mail: beebe@math.utah.edu  -
> - Department of Mathematics, 110 LCB    beebe@acm.org  beebe@computer.org     -
> - 155 S 1400 E RM 233                   beebe@ieee.org                        -
> - Salt Lake City, UT 84112-0090, USA    URL: http://www.math.utah.edu/~beebe  -
> -------------------------------------------------------------------------------