[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

access(2) shouldn't be used with test(1)

From: Garrett Cooper
Subject: access(2) shouldn't be used with test(1)
Date: Tue, 20 Jul 2010 11:00:06 -0700

    According to the POSIX spec, using access(2) is implementation
dependent when running as superuser [1]. FreeBSD intentionally returns
true whenever euid/uid = 0 [2]. FreeBSD's /bin/sh doesn't have this
`issue' with test(1). Example:

$ ls -l typescript
-rw-r--r--  1 gcooper  gcooper  37875 Jul 12 22:19 typescript
$ sudo sh -c 'test -x typescript; echo $?'
$ sudo bash -c 'test -x typescript; echo $?'

    Code should be added to detect the mode via stat(2), instead of
access(2) (the FreeBSD manpage also notes security issues with race
conditions when using access(2), so access(2) use is discouraged).
    If I can get the details for grabbing bash from cvs/svn/whatever,
I'll whip up a patch for this.

[1] http://www.opengroup.org/onlinepubs/000095399/functions/access.html
[2] http://www.freebsd.org/cgi/man.cgi?query=access

reply via email to

[Prev in Thread] Current Thread [Next in Thread]