Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/18/84; site gatech.CSNET Path: utzoo!watmath!clyde!burl!ulysses!gatech!spaf From: spaf@gatech.CSNET (Gene Spafford) Newsgroups: net.bugs.4bsd Subject: bugs in access(2) ? Message-ID: <232@gatech.CSNET> Date: Thu, 6-Jun-85 14:29:38 EDT Article-I.D.: gatech.232 Posted: Thu Jun 6 14:29:38 1985 Date-Received: Sat, 8-Jun-85 01:55:26 EDT Distribution: net Organization: The Clouds Project, School of ICS, Georgia Tech Lines: 59 I have found what I believe to be a few bugs in the access(2) routine. Before I go about trying to put in fixes, I'd like to know if others have found these bugs and already have fixes. I'd also like to know if anyone can think of anything that will break if I fix these. For indexing purposes, we're running the BRL 3.0 release of their version of 4.2 BSD. "access" is in /sys/sys/ufs_fio.c Bug #1) A call to "access" root" with multiple permission checks on a file on a read-only disk will return an incorrect result. Example: i = access("/ro/foo", 022) and foo is on a read-only disk, the routine returns a 0 (implied "true"). Probable fix: change the line near the beginning which has if (m == IWRITE) to if ((m & 0222) != 0) Bug #2) Root is shown as having "execute" access to everything. This isn't correct for files which are not executable. Probable fix: Basically, the code which is currently: /* * If you're the super-user, * you always get access. */ if (u.u_uid == 0) return (0); should be rewritten to be something like: if (u.u_uid == 0) { if (ip->i_mode&IFMT == IFDIR) return (0); else { if (ip->imode&0111 != 0) return (0); else { u.u_error = EACCES; return (1); } } } Comments? -- Gene "3 months and holding" Spafford The Clouds Project, School of ICS, Georgia Tech, Atlanta GA 30332 CSNet: Spaf @ GATech ARPA: Spaf%GATech.CSNet @ CSNet-Relay.ARPA uucp: ...!{akgua,allegra,hplabs,ihnp4,linus,seismo,ulysses}!gatech!spaf