diff options
| author | Jim Meyering <jim@meyering.net> | 2003-02-10 09:01:48 +0000 |
|---|---|---|
| committer | Jim Meyering <jim@meyering.net> | 2003-02-10 09:01:48 +0000 |
| commit | c2597b6041c599109563a8d733a1aeb04f98746b (patch) | |
| tree | a7eee82e0befc4824d92406edbd423d7d8f5798b /src | |
| parent | bf95c4519c82c78a58033e36e06072298908ef0c (diff) | |
| download | coreutils-c2597b6041c599109563a8d733a1aeb04f98746b.tar.xz | |
Don't include group-member.h.
Include euidaccess.h.
(eaccess): Rewrite function to set the real uid and gid temporarily
to the effective uid and gid, then invoke 'access', and then set the
real uid and gid back. On systems that lack setreuid or setregid,
fall back on the kludges in euidaccess. Before, it would not work
for e.g., files with ACLs, files that were marked immutable,
or on file systems mounted read-only.
Diffstat (limited to 'src')
| -rw-r--r-- | src/test.c | 58 |
1 files changed, 29 insertions, 29 deletions
diff --git a/src/test.c b/src/test.c index e720ddd55..d52c3aef1 100644 --- a/src/test.c +++ b/src/test.c @@ -39,8 +39,8 @@ # include "filecntl.h" #else /* TEST_STANDALONE */ # include "system.h" -# include "group-member.h" # include "error.h" +# include "euidaccess.h" # if !defined (S_IXUGO) # define S_IXUGO 0111 # endif /* S_IXUGO */ @@ -135,43 +135,43 @@ test_syntax_error (char const *format, char const *arg) test_exit (SHELL_BOOLEAN (FALSE)); } -/* Do the same thing access(2) does, but use the effective uid and gid, - and don't make the mistake of telling root that any file is executable. - But this loses when the containing filesystem is mounted e.g. read-only. */ +#if HAVE_SETREUID && HAVE_SETREGID +/* Do the same thing access(2) does, but use the effective uid and gid. */ + static int -eaccess (char *path, int mode) +eaccess (char const *file, int mode) { - struct stat st; - static uid_t euid = -1; - - if (stat (path, &st) < 0) - return (-1); - - if (euid == (uid_t) -1) - euid = geteuid (); + static int have_ids; + static uid_t uid, euid; + static gid_t gid, egid; + int result; - if (euid == 0) + if (have_ids == 0) { - /* Root can read or write any file. */ - if (mode != X_OK) - return (0); - - /* Root can execute any file that has any one of the execute - bits set. */ - if (st.st_mode & S_IXUGO) - return (0); + have_ids = 1; + uid = getuid (); + gid = getgid (); + euid = geteuid (); + egid = getegid (); } - if (st.st_uid == euid) /* owner */ - mode <<= 6; - else if (group_member (st.st_gid)) - mode <<= 3; + if (uid != euid) + setreuid (euid, uid); + if (gid != egid) + setregid (egid, gid); - if (st.st_mode & mode) - return (0); + result = access (file, mode); + + if (uid != euid) + setreuid (euid, uid); + if (gid != egid) + setregid (egid, gid); - return (-1); + return result; } +#else +# define eaccess(F, M) euidaccess (F, M) +#endif /* Increment our position in the argument list. Check that we're not past the end of the argument list. This check is supressed if the |