Re: Problem with ftw from (ice-9 ftw)

unofficial mirror of guile-user@gnu.org 
 help / color / mirror / Atom feed

From: ludo@gnu.org (Ludovic Courtès)
To: guile-user@gnu.org
Subject: Re: Problem with ftw from (ice-9 ftw)
Date: Tue, 18 Feb 2014 10:11:09 +0100	[thread overview]
Message-ID: <87lhx8eqfm.fsf@gnu.org> (raw)
In-Reply-To: 87mwhp8emn.fsf@ft.bewatermyfriend.org

[-- Attachment #1: Type: text/plain, Size: 795 bytes --]

Hello,

Frank Terbeck <ft@bewatermyfriend.org> skribis:

> [snip]
> % ls -ladn .
> drwx------ 11 1000 1000 4096 Feb 18 00:53 .
> [snap]
>
> In that directory and as root, I'm doing the following at guile's REPL:
>
> [snip]
> scheme@(guile-user)> (use-modules (ice-9 ftw))
> scheme@(guile-user)> (format #t "UID: ~d, EUID: ~d~%" (getuid) (geteuid))
> UID: 0, EUID: 0
> $1 = #t
> scheme@(guile-user)> (ftw "." (lambda (name stat flag)
>                                 (format #t "~s: ~s~%" name flag)))
> ".": directory-not-readable
> $2 = #t
> [snap]
>
> The code treats root like a normal user, disregarding the fact that this
> particular users will be able to access any file or directory no matter
> the ownership or mode.

Indeed, that’s a bug.  I believe this is fixed with this patch:


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: Type: text/x-patch, Size: 536 bytes --]

diff --git a/module/ice-9/ftw.scm b/module/ice-9/ftw.scm
index 9c9694f..133e9c9 100644
--- a/module/ice-9/ftw.scm
+++ b/module/ice-9/ftw.scm
@@ -259,7 +259,8 @@
       (let* ((perms (stat:perms s))
              (perms-bit-set? (lambda (mask)
                                (not (= 0 (logand mask perms))))))
-        (or (and (= uid (stat:uid s))
+        (or (zero? uid)
+            (and (= uid (stat:uid s))
                  (perms-bit-set? #o400))
             (and (= gid (stat:gid s))
                  (perms-bit-set? #o040))

[-- Attachment #3: Type: text/plain, Size: 333 bytes --]


However, that ‘ftw’ tries to do permission checks by itself is really a
flaw in the first place, IMO.

> Indeed, the ‘scandir’ routine from the same module will read the
> contents of that directory just fine.

I would recommend using ‘scandir’ or ‘file-system-fold’ from (ice-9 ftw)
for new code.

Thanks,
Ludo’.

next prev parent reply	other threads:[~2014-02-18  9:11 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-02-18  0:10 Problem with ftw from (ice-9 ftw) Frank Terbeck
2014-02-18  9:11 ` Ludovic Courtès [this message]
2014-02-18 22:04   ` Frank Terbeck
2014-02-20 21:59     ` Ludovic Courtès

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:9c9694f dfblob:133e9c9 )
 OR (
bs:"Re: Problem with ftw from (ice-9 ftw)" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://www.gnu.org/software/guile/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87lhx8eqfm.fsf@gnu.org \
    --to=ludo@gnu.org \
    --cc=guile-user@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).