Re: Bug#329358: [bug #14619] find -perm +... broken in 4.2.25

[James Youngman]

On Fri, Oct 07, 2005 at 08:19:45AM -0600, Eric Blake wrote:

> The man page no longer documents the obsolete -perm +mode, which, as I
> stated earlier, really only makes sense for symbolic modes starting with
> 'a', or for numeric modes.  The man page is wrong in stating that you must
> specify 'u', 'g', or 'o' in symbolic mode.

Noted, thanks.

> Also, it is unfortunate that there is no syntax for specifying files with
> a permission bit explicitly off, besides an exact match.

That's what \! -perm is for...

> It might be nice if there were some sort of permission masking
> syntax - something like - -perm /pattern/mask.  For example, -perm
> /u+r-x/u+rx would explicitly select files that the user can read but
> not execute (examining both bits of the mask to see if the file
> meets the pattern within that mask), while ignoring the u+w,go+rwx
> bits.

You're really asking for the functionality of access() not -perm.
It's very hard to simulate access via -perm, because you would need
to make these checks:

1. If user is the owner of the file, 
        a) succeed if -perm -400 \! -perm -100
        b) otherwise fail
2. If the user is a member of the group which owns the file,
        a) succeed if -perm -040 \! -perm -010
        b) otherwise fail
3. Otherwise, 
        a) succeed if -perm -004 \! -perm -001
        b) otherwise fail

I did try coding an example answer but when I realised that I was
using a second level of nested $(...) and was only implementing (2), I
gave up because I wouldn't have the time to test it.

In any case, the above fails to take into account ACLs or other
special properties of the filesystem.

Are you really seeking an -access primitive with which one might write
        -access read -a \! -access execute
?

Regards,
James.