Chasing down bugs with access(2)
brde at optusnet.com.au
Wed Jul 21 09:03:05 UTC 2010
On Wed, 21 Jul 2010, Jaakko Heinonen wrote:
> On 2010-07-20, Garrett Cooper wrote:
>> I ran into an issue last night where apparently several apps make
>> faulty assumptions w.r.t. whether or not access(2) returns functional
>> data when running as a superuser.
>> New implementations are discouraged from returning X_OK unless at
>> least one execution permission bit is set.
> See PR kern/125009 (http://www.freebsd.org/cgi/query-pr.cgi?pr=125009).
> Here is the latest version of the vaccess*() patch which also changes
> The patch is not a complete fix however. Not all file systems use
> vaccess*() for VEXEC in their VOP_ACCESS() (ZFS confirmed). Thus the
> patch doesn't work with ZFS.
I looked at the patches in the PR. It seems reasonable to require an X
but for VEXEC for all file types except directories, like I think the
vaccess() version of your patch does.
Keeping the existing behaviour for directories seems necessary. E.g.,
suppose a user changes all his files and directories to mode 000. It
should still be possible for root to search, not to mention back up,
all those files and directories, without clobbering any of their
metadata (including atimes, but those are a different problem).
More information about the freebsd-hackers