Calling access("foo", X_OK) as root returns 0 even though none of the execute
bits set. As non-root, this fails with EACCES.
I know this behaviour is almost certainly known. Sun's access(2) man page says
this: "If the process has appropriate privileges, an implementation may
indicate success for X_OK even if none of the execute file permission bits are
set." POSIX also knows about this, but discourages its behaviour: "Historical
implementations of access() do not test file access correctly when the process'
real user ID is superuser. In particular, they always return zero when testing
execute permissions without regard to whether the file is executable." and that
"New implementations are discouraged from returning X_OK unless at least one
execution permission bit is set.".
Given that access is frequently used to test whether a file is executable by
the current user and given POSIX's recommendation would it not be prudent to
fix this behaviour?
An easy way to address this would be to create a new libc function (e.g.
__posix_access). Then, if a program defined some flag (e.g.
_POSIX_PTHREAD_SEMANTICS), access would get redefined to __posix_access (this
is done with e.g. getgrgid_r/__posix_getgrgid_r). The kernel change would be
minimal as well; just define a new *_OK flag (e.g. X_SU_OK) that __posix_access
would pass to the kernel. This would preserve the old behaviour in existing
code while allowing new code to make use of the recommended behaviour.
--
This message posted from opensolaris.org
_______________________________________________
opensolaris-code mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/opensolaris-code
