[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#8292: COREUTILS-8.9: Potential bug in tests/cp/preserve-gid
From: |
Jim Meyering |
Subject: |
bug#8292: COREUTILS-8.9: Potential bug in tests/cp/preserve-gid |
Date: |
Sun, 20 Mar 2011 15:37:16 +0100 |
gmail wrote:
...
> Normally setuidgid MUST take the parent shell environment, so i
> finally add a strace in the test to the original source :
Thanks for investigating.
> --- tests/cp/preserve-gid 2011-03-20 13:34:52.000000000 +0100
> +++ tests/cp/preserve-gid.orig 2011-01-01 22:19:23.000000000 +0100
> @@ -38,7 +38,7 @@
> u=$1; shift
> g=$1; shift
> rm -f b || exit 1
> - strace -o ../../trace.txt "$@" "$f" b || exit 1
> + "$@" "$f" b || exit 1
> s=`stat -c '%u %g' b`
> if test "x$s" != "x$u $g"; then
> # Allow the actual group to match that of the parent directory
>
> And got this .... :
...
>>> execve("/usr/src/coreutils-8.9_build3/src/cp", ["cp", "-p", "c1",
> "b"], [/* 72 vars */]) = -1 EACCES (Permission denied)
...
> The setuidgid has the PATH, but this is an absolute PATH and PATH
> traversal with the test uid/gid fail.
But why is that? I.e., it implies that NON_ROOT_USERNAME (your
"cedric" user) cannot run that program, yet the README instructions
regarding how to run root tests suggest that NON_ROOT_USERNAME must
have access to the sources and built programs.
Can you reproduce the failure if you follow these guidelines from
the README file?
I find that it is best to unpack and build as a non-privileged
user, and then to run the following command as that user in order
to run the privilege-requiring tests:
sudo env PATH="$PATH" NON_ROOT_USERNAME=$USER make -k check-root