bug-bash
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: access(2) shouldn't be used with test(1)

From: Linda Walsh
Subject: Re: access(2) shouldn't be used with test(1)
Date: Tue, 20 Jul 2010 14:18:39 -0700
User-agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.8.1.24) Gecko/20100228 Lightning/0.9 Thunderbird/2.0.0.24 Mnenhy/0.7.6.666 
What are you saying it should return, because I get correct results
on linux:

sudo sh -c 'test -x start_trans; echo $?'
1
sudo bash -c 'test -x start_trans; echo $?' 1 

Are you saying that access on BSD, when
passed (filename "X_OK") returns "true" for superuser even
when the file isn't executable?

Sounds like a bug to me....   if a file isn't executable, I don't care
how "super" you are -- permission won't make a text file executable!
;-)

Or isn't that what BSD is sorta saying?




Garrett Cooper wrote:

    According to the POSIX spec, using access(2) is implementation
dependent when running as superuser [1]. FreeBSD intentionally returns
true whenever euid/uid = 0 [2]. FreeBSD's /bin/sh doesn't have this
`issue' with test(1). Example:

$ ls -l typescript
-rw-r--r--  1 gcooper  gcooper  37875 Jul 12 22:19 typescript
$ sudo sh -c 'test -x typescript; echo $?'
1
$ sudo bash -c 'test -x typescript; echo $?'
0

    Code should be added to detect the mode via stat(2), instead of
access(2) (the FreeBSD manpage also notes security issues with race
conditions when using access(2), so access(2) use is discouraged).
    If I can get the details for grabbing bash from cvs/svn/whatever,
I'll whip up a patch for this.
Thanks,
-Garrett

[1] http://www.opengroup.org/onlinepubs/000095399/functions/access.html
- see RATIONALE.
[2] http://www.freebsd.org/cgi/man.cgi?query=access
reply via email to
[Prev in Thread] Current Thread [Next in Thread]