Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!usc!samsung!uunet!auspex!guy
From: guy@auspex.auspex.com (Guy Harris)
Newsgroups: comp.unix.programmer
Subject: Re: getting the current working directory
Message-ID: <5262@auspex.auspex.com>
Date: 15 Jan 91 19:46:22 GMT
References: <42380@ut-emx.uucp> <5195@idunno.Princeton.EDU> <3141@polari.UUCP>
Distribution: usa
Organization: Auspex Systems, Santa Clara
Lines: 22

>[getwd that crawls up the directory tree reading each directory on the way]
>
>The problem with this is that it's quite possible to be in a directory
>which has some ancestors that can't be read.  Thus a program calling this
>getwd must be running setuid root or in a restricted environment (in which
>case it probably shouldn't need to call getwd) where it knows all ancestors
>of the current directory are readable.

A program calling just about *any* flavor of "getwd()" must be running
set-uid "root" or in a restricted environment of that sort if you
actually care about getting the right answer in a directory that has
some ancestors that can't be read.  The 4.xBSD "getwd()" and SunOS
"getwd()"s, just like the posted one, crawl up the directory tree
reading each directory on the way.

Prior to S5R4, S5's "getcwd()" "popen()"ed a "pwd" program, but I don't
think "pwd" is set-UID "root" in S5.  I think S5R4's is a subroutine
that crawls up the directory tree, just like many (all?) "getwd()"s.

Note also that in the presence of various distributed file systems even
set-UID "root" may not be enough; both NFS and RFS servers may map the
root user-ID to some unprivileged user ID.