Re: [CMake] CTest fails to find test command : bug in use of FileExists() + suggested fix.

Wed, 18 Aug 2010 02:48:34 -0700 

On 08/14/2010 11:59 PM, Richard Offer wrote:
> 
> One of my test cases needs sudo to run (its listening on privileged ports).
> 
> 
> If I add
> 
>   ADD_TEST( SERVER /usr/bin/sudo
> ${CMAKE_RUNTIME_OUTPUT_DIRECTORY}/Server${SUFFIX} --daemon )
> 
> CMake complains that it can¹t find sudo.
> 
> [ d042 ] make test
> Running tests...
> Test project /Users/richard/BUILD
>     Start 1: SERVER
> Could not find executable /usr/bin/sudo
> Looked in the following places:
> /usr/bin/sudo
> /usr/bin/sudo
> /usr/bin/Release/sudo
> /usr/bin/Release/sudo
> /usr/bin/Debug/sudo
> /usr/bin/Debug/sudo
> ...
> 
> 
> However (on OS X and Linux) sudo is not readable (although it is
> executable).
> 
> In Source/CTest/cmCTestTestHandler.cxx (line 1494) you¹re using
> cmSystemTools::FileExists(attempted[ai].c_str() ) to test for the presence
> of the testcase.
> 
> 
> Looking in Source/kwsys/SystemTools.cxx line 919 shows that on non-Windows
> systems its using access(path, R_OK), which checks to see if the path has
> read permissions.
> 
> 
> Might I suggest replacing the call to FileExists()
> Source/CTest/cmCTestTestHandler.cxx  in with a new test  -
> FileIsExecutable() since the only requirement is to be able to execute the
> program, not read it.

Scripts using the kernel's "#!" facility must also be readable, but
ensuring the latter is the administrator's responsibility, of course.

Instead of introducing a new method, one could perhaps consider to add a
further parameter with a default value to the FileExists() methods, e.g.
"int xable=0", and replace "R_OK" by "(xable?X_OK:R_OK)".

As a quick workaround, you could create a script, say "sudo.sh",
containing "/usr/bin/sudo $*" and change your ADD_TEST() to
"ADD_TEST(SERVER sh ${CMAKE_SOURCE_DIR}/sudo.sh ...)".

Besides, I've already seen readable sudo executables on Linux systems,
so I wonder if this is a security issue, i.e. which advantage could
be taken of a readable /usr/bin/sudo by an attacker?

Regards,

Michael
_______________________________________________
Powered by www.kitware.com

Visit other Kitware open-source projects at 
http://www.kitware.com/opensource/opensource.html

Please keep messages on-topic and check the CMake FAQ at: 
http://www.cmake.org/Wiki/CMake_FAQ

Follow this link to subscribe/unsubscribe:
http://www.cmake.org/mailman/listinfo/cmake

Reply via email to