[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#12632: file permissions checking mishandled when setuid
From: |
Eli Zaretskii |
Subject: |
bug#12632: file permissions checking mishandled when setuid |
Date: |
Sat, 13 Oct 2012 09:23:02 +0200 |
> Date: Fri, 12 Oct 2012 18:58:14 -0700
> From: Paul Eggert <eggert@cs.ucla.edu>
> CC: Eli Zaretskii <eliz@gnu.org>
>
> This patch has a four FIXMEs indicating where the code could
> most likely be cleaned up on DOS_NT platforms. The patch
> should work fine as-is on DOS_NT, but it'd be nicer if the
> DOS_NT support could supply an euidaccess function to allow
> simplifying the mainline code. I'll CC: this bug report to
> Eli to give him a heads-up.
The FIXMEs are OK, but I see no reason for them to come _instead_ of
comments which explain why 'access' is used instead of 'stat'. Those
comments should be removed only when 'euidaccess' is implemented for
those platforms.
Regarding this hunk:
> @@ -2626,8 +2594,7 @@
> should check ACLs though, which do affect this. */
> return (access (SDATA (dir), D_OK) < 0) ? Qnil : Qt;
> #else
> - return (check_writable (!NILP (dir) ? SSDATA (dir) : "")
> - ? Qt : Qnil);
> + return check_writable (SSDATA (dir)) ? Qt : Qnil;
> #endif
How will the new code work if 'dir' is nil?
Also, what about lread.c:openp, around line 1555: doesn't it want
'euidaccess' as well, rather than 'stat'? I think using 'euidaccess'
there will allow a further optimization, in that the call to 'stat' is
not needed at all, because right below it we call either 'access' or
'emacs_open'.
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/12
- bug#12632: file permissions checking mishandled when setuid,
Eli Zaretskii <=
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/13
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/14
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/14
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/14
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/14
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/14
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/14
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/14
- bug#12632: file permissions checking mishandled when setuid, Paul Eggert, 2012/10/14
- bug#12632: file permissions checking mishandled when setuid, Eli Zaretskii, 2012/10/14