bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#12632: file permissions checking mishandled when setuid

From: Paul Eggert
Subject: bug#12632: file permissions checking mishandled when setuid
Date: Sat, 13 Oct 2012 23:16:44 -0700
User-agent: Mozilla/5.0 (X11; Linux i686; rv:16.0) Gecko/20121011 Thunderbird/16.0.1 
On 10/13/2012 12:23 AM, Eli Zaretskii wrote:

> The FIXMEs are OK, but I see no reason for them to come _instead_ of
> comments which explain why 'access' is used instead of 'stat'.

OK, I left those comments alone in the attached revision
of the patch.

> How will the new code work if 'dir' is nil?

'dir' can't be nil there.  But this is a separate issue, so I've
omitted that change from the revised patch.

> Also, what about lread.c:openp, around line 1555: doesn't it want
> 'euidaccess' as well, rather than 'stat'?

Sure, we can do that.  Done in the revised patch.

> I don't understand why is it a good idea to use 'euidaccess' in
> check_existing.  Isn't the fact of the mere existence of a file
> independent of user's access rights?

No, because you cannot even stat a file that's in a directory that you
can't search.  Using 'access' rather than 'euidaccess' might
let a setuid Emacs search directories that it shouldn't be able
to search, or vice versa.

Attachment: euidaccess.txt
Description: Text document

reply via email to
[Prev in Thread] Current Thread [Next in Thread]