Re: [PATCH] find: implement -nouser, -nogroup
On Sun, 29 Jan 2023, Kang-Che Sung wrote:
> +IF_FEATURE_FIND_NOUSER( ACTS(nouser))
> +IF_FEATURE_FIND_NOUSER( ACTS(nogroup))
Typo. (Should be IF_FEATURE_FIND_NOGROUP)
Thanks!
> +ACTF(nouser)
> +{
> + return !getpwuid(statbuf->st_uid);
> +}
I think there is a logic hole here.
getpwuid may return a NULL pointer on an error that's not "UID not found in
database".
Although your logic written like this conforms to POSIX, I don't know
whether in practice this would bring in security risk.
> +#endif
> +#if ENABLE_FEATURE_FIND_NOGROUP
> +ACTF(nogroup)
> +{
> + return !getgrgid(statbuf->st_gid);
> +}
Same problem as above (getgrgid may return NULL on an error other than "not
found")
This may not persuade you, but other implementations do the same:
https://git.savannah.gnu.org/cgit/findutils.git/tree/find/pred.c#n671
https://cgit.freebsd.org/src/tree/usr.bin/find/function.c#n1255
https://github.com/kofemann/opensolaris/blob/master/usr/src/cmd/find/find.c#L953
A scenario I can imagine is a system with a periodic find job that deletes
all -nouser files. Say that something (an adversary?) exhausts
system resources. Now getpwuid() always returns NULL (ENFILE, ENOMEM)
and now all files are deleted. I would conclude that -nouser is
imperfectly reliable (as it inherits subsystem reliability), and that users
of find should take that into consideration.
That said, the lack of error messages was an important part of this
unresolved tale: https://bugzilla.redhat.com/show_bug.cgi?id=847878
They ended up suggesting ltrace. Even so, I don't think error logging
for getpwuid/getgrgid in find is needed in busybox, which is looking to
stay slim.
___
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
Re: [PATCH] find: implement -nouser, -nogroup
On Sunday, January 29, 2023, David Leonard <
d+busy...@adaptive-enterprises.com> wrote:
>
> Resending patch for 'find -nouser', 'find -nogroup'. Refreshed bloatcheck
>
> Subject: [PATCH] find: implement -nouser, -nogroup
>
> https://pubs.opengroup.org/onlinepubs/9699919799/utilities/find.html
>
> -nouser
> The primary shall evaluate as true if the file belongs to a user ID
> for which the getpwuid() function defined in the System Interfaces
> volume of POSIX.1-2017 (or equivalent) returns NULL.
>
> -nogroup
> The primary shall evaluate as true if the file belongs to a group ID
> for which the getgrgid() function defined in the System Interfaces
> volume of POSIX.1-2017 (or equivalent) returns NULL.
>
> function old new delta
> parse_params18111845 +34
> func_nouser- 24 +24
> func_nogroup - 24 +24
> static.params275 292 +17
> .rodata 100767 100775 +8
> packed_usage 34553 34541 -12
>
--
> (add/remove: 2/0 grow/shrink: 3/1 up/down: 107/-12)Total: 95
bytes
>textdata bss dec hex filename
> 1064435 165871816 1082838 1085d6 busybox_old
> 1064530 165871816 1082933 108635 busybox_unstripped
> ---
> findutils/find.c | 46 ++
> 1 file changed, 46 insertions(+)
>
> diff --git a/findutils/find.c b/findutils/find.c
> index 40f66ab2e..2a0a867e3 100644
> --- a/findutils/find.c
> +++ b/findutils/find.c
> @@ -197,6 +197,16 @@
> //config: default y
> //config: depends on FIND
> //config:
> +//config:config FEATURE_FIND_NOUSER
> +//config: bool "Enable -nouser matching"
> +//config: default y
> +//config: depends on FIND
> +//config:
> +//config:config FEATURE_FIND_NOGROUP
> +//config: bool "Enable -nogroup matching"
> +//config: default y
> +//config: depends on FIND
> +//config:
> //config:config FEATURE_FIND_NOT
> //config: bool "Enable the 'not' (!) operator"
> //config: default y
> @@ -373,6 +383,12 @@
> //usage: IF_FEATURE_FIND_GROUP(
> //usage: "\n -group NAME/ID File is owned by given group"
> //usage: )
> +//usage: IF_FEATURE_FIND_NOUSER(
> +//usage: "\n -nouser File is owned by unknown uid"
> +//usage: )
> +//usage: IF_FEATURE_FIND_NOGROUP(
> +//usage: "\n -nogroupFile is owned by unknown gid"
> +//usage: )
> //usage: IF_FEATURE_FIND_SIZE(
> //usage: "\n -size N[bck]File size is N
(c:bytes,k:kbytes,b:512 bytes(def.))"
> //usage: "\n +/-N: file size is bigger/smaller
than N"
> @@ -466,6 +482,8 @@ IF_FEATURE_FIND_NEWER( ACTS(newer, time_t
newer_mtime;))
> IF_FEATURE_FIND_INUM( ACTS(inum, ino_t inode_num;))
> IF_FEATURE_FIND_SAMEFILE(ACTS(samefile, ino_t inode_num; dev_t device;))
> IF_FEATURE_FIND_USER( ACTS(user, uid_t uid;))
> +IF_FEATURE_FIND_NOUSER( ACTS(nouser))
> +IF_FEATURE_FIND_NOUSER( ACTS(nogroup))
Typo. (Should be IF_FEATURE_FIND_NOGROUP)
> IF_FEATURE_FIND_SIZE( ACTS(size, char size_char; off_t size;))
> IF_FEATURE_FIND_CONTEXT(ACTS(context, security_context_t context;))
> IF_FEATURE_FIND_PAREN( ACTS(paren, action ***subexpr;))
> @@ -891,6 +909,18 @@ ACTF(group)
> return (statbuf->st_gid == ap->gid);
> }
> #endif
> +#if ENABLE_FEATURE_FIND_NOUSER
> +ACTF(nouser)
> +{
> + return !getpwuid(statbuf->st_uid);
> +}
I think there is a logic hole here.
getpwuid may return a NULL pointer on an error that's not "UID not found in
database".
Although your logic written like this conforms to POSIX, I don't know
whether in practice this would bring in security risk.
> +#endif
> +#if ENABLE_FEATURE_FIND_NOGROUP
> +ACTF(nogroup)
> +{
> + return !getgrgid(statbuf->st_gid);
> +}
Same problem as above (getgrgid may return NULL on an error other than "not
found")
> +#endif
> #if ENABLE_FEATURE_FIND_PRINT0
> ACTF(print0)
> {
> @@ -1144,6 +1174,8 @@ static action*** parse_params(char **argv)
> IF_FEATURE_FIND_QUIT( PARM_quit ,)
> IF_FEATURE_FIND_DELETE( PARM_delete,)
> IF_FEATURE_FIND_EMPTY( PARM_empty ,)
> +
Re: [PATCH] find: implement -nouser, -nogroup
Resending patch for 'find -nouser', 'find -nogroup'. Refreshed bloatcheck
Subject: [PATCH] find: implement -nouser, -nogroup
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/find.html
-nouser
The primary shall evaluate as true if the file belongs to a user ID
for which the getpwuid() function defined in the System Interfaces
volume of POSIX.1-2017 (or equivalent) returns NULL.
-nogroup
The primary shall evaluate as true if the file belongs to a group ID
for which the getgrgid() function defined in the System Interfaces
volume of POSIX.1-2017 (or equivalent) returns NULL.
function old new delta
parse_params18111845 +34
func_nouser- 24 +24
func_nogroup - 24 +24
static.params275 292 +17
.rodata 100767 100775 +8
packed_usage 34553 34541 -12
--
(add/remove: 2/0 grow/shrink: 3/1 up/down: 107/-12)Total: 95 bytes
textdata bss dec hex filename
1064435 165871816 1082838 1085d6 busybox_old
1064530 165871816 1082933 108635 busybox_unstripped
---
findutils/find.c | 46 ++
1 file changed, 46 insertions(+)
diff --git a/findutils/find.c b/findutils/find.c
index 40f66ab2e..2a0a867e3 100644
--- a/findutils/find.c
+++ b/findutils/find.c
@@ -197,6 +197,16 @@
//config: default y
//config: depends on FIND
//config:
+//config:config FEATURE_FIND_NOUSER
+//config: bool "Enable -nouser matching"
+//config: default y
+//config: depends on FIND
+//config:
+//config:config FEATURE_FIND_NOGROUP
+//config: bool "Enable -nogroup matching"
+//config: default y
+//config: depends on FIND
+//config:
//config:config FEATURE_FIND_NOT
//config: bool "Enable the 'not' (!) operator"
//config: default y
@@ -373,6 +383,12 @@
//usage: IF_FEATURE_FIND_GROUP(
//usage: "\n -group NAME/ID File is owned by given group"
//usage: )
+//usage: IF_FEATURE_FIND_NOUSER(
+//usage: "\n -nouser File is owned by unknown uid"
+//usage: )
+//usage: IF_FEATURE_FIND_NOGROUP(
+//usage: "\n -nogroupFile is owned by unknown gid"
+//usage: )
//usage: IF_FEATURE_FIND_SIZE(
//usage: "\n -size N[bck]File size is N (c:bytes,k:kbytes,b:512
bytes(def.))"
//usage: "\n +/-N: file size is bigger/smaller than N"
@@ -466,6 +482,8 @@ IF_FEATURE_FIND_NEWER( ACTS(newer, time_t newer_mtime;))
IF_FEATURE_FIND_INUM( ACTS(inum, ino_t inode_num;))
IF_FEATURE_FIND_SAMEFILE(ACTS(samefile, ino_t inode_num; dev_t device;))
IF_FEATURE_FIND_USER( ACTS(user, uid_t uid;))
+IF_FEATURE_FIND_NOUSER( ACTS(nouser))
+IF_FEATURE_FIND_NOUSER( ACTS(nogroup))
IF_FEATURE_FIND_SIZE( ACTS(size, char size_char; off_t size;))
IF_FEATURE_FIND_CONTEXT(ACTS(context, security_context_t context;))
IF_FEATURE_FIND_PAREN( ACTS(paren, action ***subexpr;))
@@ -891,6 +909,18 @@ ACTF(group)
return (statbuf->st_gid == ap->gid);
}
#endif
+#if ENABLE_FEATURE_FIND_NOUSER
+ACTF(nouser)
+{
+ return !getpwuid(statbuf->st_uid);
+}
+#endif
+#if ENABLE_FEATURE_FIND_NOGROUP
+ACTF(nogroup)
+{
+ return !getgrgid(statbuf->st_gid);
+}
+#endif
#if ENABLE_FEATURE_FIND_PRINT0
ACTF(print0)
{
@@ -1144,6 +1174,8 @@ static action*** parse_params(char **argv)
IF_FEATURE_FIND_QUIT( PARM_quit ,)
IF_FEATURE_FIND_DELETE( PARM_delete,)
IF_FEATURE_FIND_EMPTY( PARM_empty ,)
+ IF_FEATURE_FIND_NOUSER( PARM_nouser,)
+ IF_FEATURE_FIND_NOGROUP(PARM_nogroup ,)
IF_FEATURE_FIND_EXEC( PARM_exec ,)
IF_FEATURE_FIND_EXEC_OK(PARM_ok,)
IF_FEATURE_FIND_EXECUTABLE(PARM_executable,)
@@ -1196,6 +1228,8 @@ static action*** parse_params(char **argv)
IF_FEATURE_FIND_QUIT( "-quit\0" )
IF_FEATURE_FIND_DELETE( "-delete\0" )
IF_FEATURE_FIND_EMPTY( "-empty\0" )
+ IF_FEATURE_FIND_NOUSER( "-nouser\0" )
+ IF_FEATURE_FIND_NOGROUP("-nogroup\0" )
IF_FEATURE_FIND_EXEC( "-exec\0" )
IF_FEATURE_FIND_EXEC_OK("-ok\0" )
IF_FEATURE_FIND_EXECUTABLE("-executable\0")
@@ -1594,6 +1628,18 @@ static action*** parse_params(char **argv)
ap->gid = xgroup2gid(arg1);
}
#endif
+#if ENABLE_FEATURE_FIND_NOUSER
+ else if (parm == PARM_nouser) {
+
[PATCH] find: implement -nouser, -nogroup
Implement's POSIX's -nouser and -nogroup primaries for find.
From 48e78e55f367a427cf613f199cfa9060af08a304 Mon Sep 17 00:00:00 2001
From: David Leonard
Date: Mon, 28 Mar 2022 11:14:13 +1000
Subject: [PATCH] find: implement -nouser, -nogroup
function old new delta
parse_params33633443 +80
func_nouser- 52 +52
func_nogroup - 52 +52
static.params275 292 +17
packed_usage 34464 34473 +9
--
(add/remove: 2/0 grow/shrink: 3/0 up/down: 210/0) Total: 210 bytes
text data bss dec hex filename
1734831 16476 1816 1753123 1ac023 busybox_old
1735041 16476 1816 175 1ac0f5 busybox_unstripped
---
findutils/find.c | 46 ++
1 file changed, 46 insertions(+)
diff --git a/findutils/find.c b/findutils/find.c
index 40f66ab2e..2a0a867e3 100644
--- a/findutils/find.c
+++ b/findutils/find.c
@@ -197,6 +197,16 @@
//config: default y
//config: depends on FIND
//config:
+//config:config FEATURE_FIND_NOUSER
+//config: bool "Enable -nouser matching"
+//config: default y
+//config: depends on FIND
+//config:
+//config:config FEATURE_FIND_NOGROUP
+//config: bool "Enable -nogroup matching"
+//config: default y
+//config: depends on FIND
+//config:
//config:config FEATURE_FIND_NOT
//config: bool "Enable the 'not' (!) operator"
//config: default y
@@ -373,6 +383,12 @@
//usage: IF_FEATURE_FIND_GROUP(
//usage: "\n -group NAME/ID File is owned by given group"
//usage: )
+//usage: IF_FEATURE_FIND_NOUSER(
+//usage: "\n -nouser File is owned by unknown uid"
+//usage: )
+//usage: IF_FEATURE_FIND_NOGROUP(
+//usage: "\n -nogroup File is owned by unknown gid"
+//usage: )
//usage: IF_FEATURE_FIND_SIZE(
//usage: "\n -size N[bck] File size is N (c:bytes,k:kbytes,b:512 bytes(def.))"
//usage: "\n +/-N: file size is bigger/smaller than N"
@@ -466,6 +482,8 @@ IF_FEATURE_FIND_NEWER( ACTS(newer, time_t newer_mtime;))
IF_FEATURE_FIND_INUM( ACTS(inum, ino_t inode_num;))
IF_FEATURE_FIND_SAMEFILE(ACTS(samefile, ino_t inode_num; dev_t device;))
IF_FEATURE_FIND_USER( ACTS(user, uid_t uid;))
+IF_FEATURE_FIND_NOUSER( ACTS(nouser))
+IF_FEATURE_FIND_NOUSER( ACTS(nogroup))
IF_FEATURE_FIND_SIZE( ACTS(size, char size_char; off_t size;))
IF_FEATURE_FIND_CONTEXT(ACTS(context, security_context_t context;))
IF_FEATURE_FIND_PAREN( ACTS(paren, action ***subexpr;))
@@ -891,6 +909,18 @@ ACTF(group)
return (statbuf->st_gid == ap->gid);
}
#endif
+#if ENABLE_FEATURE_FIND_NOUSER
+ACTF(nouser)
+{
+ return !getpwuid(statbuf->st_uid);
+}
+#endif
+#if ENABLE_FEATURE_FIND_NOGROUP
+ACTF(nogroup)
+{
+ return !getgrgid(statbuf->st_gid);
+}
+#endif
#if ENABLE_FEATURE_FIND_PRINT0
ACTF(print0)
{
@@ -1144,6 +1174,8 @@ static action*** parse_params(char **argv)
IF_FEATURE_FIND_QUIT( PARM_quit ,)
IF_FEATURE_FIND_DELETE( PARM_delete,)
IF_FEATURE_FIND_EMPTY( PARM_empty ,)
+ IF_FEATURE_FIND_NOUSER( PARM_nouser,)
+ IF_FEATURE_FIND_NOGROUP(PARM_nogroup ,)
IF_FEATURE_FIND_EXEC( PARM_exec ,)
IF_FEATURE_FIND_EXEC_OK(PARM_ok,)
IF_FEATURE_FIND_EXECUTABLE(PARM_executable,)
@@ -1196,6 +1228,8 @@ static action*** parse_params(char **argv)
IF_FEATURE_FIND_QUIT( "-quit\0" )
IF_FEATURE_FIND_DELETE( "-delete\0" )
IF_FEATURE_FIND_EMPTY( "-empty\0" )
+ IF_FEATURE_FIND_NOUSER( "-nouser\0" )
+ IF_FEATURE_FIND_NOGROUP("-nogroup\0" )
IF_FEATURE_FIND_EXEC( "-exec\0" )
IF_FEATURE_FIND_EXEC_OK("-ok\0" )
IF_FEATURE_FIND_EXECUTABLE("-executable\0")
@@ -1594,6 +1628,18 @@ static action*** parse_params(char **argv)
ap->gid = xgroup2gid(arg1);
}
#endif
+#if ENABLE_FEATURE_FIND_NOUSER
+ else if (parm == PARM_nouser) {
+ dbg("%d", __LINE__);
+ (void) ALLOC_ACTION(nouser);
+ }
+#endif
+#if ENABLE_FEATURE_FIND_NOGROUP
+ else if (parm == PARM_nogroup) {
+ dbg("%d", __LINE__);
+ (void) ALLOC_ACTION(nogroup);
+ }
+#endif
#if ENABLE_FEATURE_FIND_SIZE
else if (parm == PARM_size) {
/* -size n[bckw]: file uses n units of space
--
2.32.0
___
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
