From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#12632: file permissions checking mishandled when setuid Date: Sun, 14 Oct 2012 20:39:06 +0200 Message-ID: <831uh06gqd.fsf@gnu.org> References: <5078CAB6.7020509@cs.ucla.edu> <83fw5i7s4p.fsf@gnu.org> <83a9vq7oqh.fsf@gnu.org> <507A58CC.10209@cs.ucla.edu> <83fw5h5yo6.fsf@gnu.org> <507B010F.20105@cs.ucla.edu> Reply-To: Eli Zaretskii NNTP-Posting-Host: plane.gmane.org X-Trace: ger.gmane.org 1350240070 23613 80.91.229.3 (14 Oct 2012 18:41:10 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sun, 14 Oct 2012 18:41:10 +0000 (UTC) Cc: 12632@debbugs.gnu.org To: Paul Eggert Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sun Oct 14 20:41:16 2012 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1TNT7g-0001aP-Sy for geb-bug-gnu-emacs@m.gmane.org; Sun, 14 Oct 2012 20:41:13 +0200 Original-Received: from localhost ([::1]:47118 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TNT7a-00049U-5y for geb-bug-gnu-emacs@m.gmane.org; Sun, 14 Oct 2012 14:41:06 -0400 Original-Received: from eggs.gnu.org ([208.118.235.92]:44001) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TNT7W-00043r-Ee for bug-gnu-emacs@gnu.org; Sun, 14 Oct 2012 14:41:03 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1TNT7U-0005Gd-FC for bug-gnu-emacs@gnu.org; Sun, 14 Oct 2012 14:41:02 -0400 Original-Received: from debbugs.gnu.org ([140.186.70.43]:33844) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TNT7U-0005GV-BE for bug-gnu-emacs@gnu.org; Sun, 14 Oct 2012 14:41:00 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.72) (envelope-from ) id 1TNT8U-0004Wu-QI for bug-gnu-emacs@gnu.org; Sun, 14 Oct 2012 14:42:02 -0400 X-Loop: help-debbugs@gnu.org Resent-From: Eli Zaretskii Original-Sender: debbugs-submit-bounces@debbugs.gnu.org Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Sun, 14 Oct 2012 18:42:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 12632 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: patch Original-Received: via spool by 12632-submit@debbugs.gnu.org id=B12632.135024007117332 (code B ref 12632); Sun, 14 Oct 2012 18:42:02 +0000 Original-Received: (at 12632) by debbugs.gnu.org; 14 Oct 2012 18:41:11 +0000 Original-Received: from localhost ([127.0.0.1]:44091 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1TNT7f-0004VV-5s for submit@debbugs.gnu.org; Sun, 14 Oct 2012 14:41:11 -0400 Original-Received: from mtaout20.012.net.il ([80.179.55.166]:49652) by debbugs.gnu.org with esmtp (Exim 4.72) (envelope-from ) id 1TNT7Z-0004Uv-3P for 12632@debbugs.gnu.org; Sun, 14 Oct 2012 14:41:06 -0400 Original-Received: from conversion-daemon.a-mtaout20.012.net.il by a-mtaout20.012.net.il (HyperSendmail v2007.08) id <0MBW00A00BSO6Q00@a-mtaout20.012.net.il> for 12632@debbugs.gnu.org; Sun, 14 Oct 2012 20:38:59 +0200 (IST) Original-Received: from HOME-C4E4A596F7 ([87.69.4.28]) by a-mtaout20.012.net.il (HyperSendmail v2007.08) with ESMTPA id <0MBW004U7BSZIP42@a-mtaout20.012.net.il>; Sun, 14 Oct 2012 20:38:59 +0200 (IST) In-reply-to: <507B010F.20105@cs.ucla.edu> X-012-Sender: halo1@inter.net.il X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.13 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-Received-From: 140.186.70.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.bugs:65606 Archived-At: > Date: Sun, 14 Oct 2012 11:14:39 -0700 > From: Paul Eggert > CC: 12632@debbugs.gnu.org > > > Emacs should be able to test whether a file exists even if it > > will be unable to access it later. > > Emacs cannot do that. What 'access' does is ask, "If Emacs were > to issue the seteuid system call, and change the effective user > ID to the real user ID, would Emacs then be able to see that the > file exists?" This does not test whether the file exists; it tests > only whether Emacs could see that the file exists in a hypothetical > situation that never actually happens (because Emacs never issues > the seteuid system call). But this isn't what is wanted here: > what is wanted is a test whether Emacs can currently see that the > file exists, and that is what euidaccess does. I can't argue with you, because you seem to bring arguments out of some inner knowledge. The 'access' man page simply says this: F_OK tests for the existence of the file. It says nothing about granting any permissions (unlike when it describes R_OK, W_OK, and X_OK). > === modified file 'src/msdos.c' > --- src/msdos.c 2012-09-23 08:44:20 +0000 > +++ src/msdos.c 2012-10-14 18:06:01 +0000 > @@ -3557,7 +3557,7 @@ > read-only filesystem, like CD-ROM or a write-protected floppy. > The only way to be really sure is to actually create a file and > see if it succeeds. But I think that's too much to ask. */ > - if (tmp && access (tmp, D_OK) == 0) > + if (tmp && sys_access (tmp, D_OK) == 0) > { > setenv ("TMPDIR", tmp, 1); > break; > @@ -3935,7 +3935,7 @@ > readlink (const char *name, char *dummy1, size_t dummy2) > { > /* `access' is much faster than `stat' on MS-DOS. */ > - if (access (name, F_OK) == 0) > + if (sys_access (name, F_OK) == 0) > errno = EINVAL; > return -1; > } This part is wrong: the MSDOS build doesn't have sys_access, and there's nothing wrong with its library's 'access' that would justify such a replacement. Only the MS-Windows build needs 'sys_access'.