From owner-freebsd-bugs Mon Jun 3 1:10:16 2002
Date: Mon, 3 Jun 2002 01:10:02 -0700 (PDT)
Message-Id: <200206030810.g538A2s93184@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Peter Pentchev
Subject: Re: bin/38818: if [ -w filename ] incorrectly returns results when run as root and testing non-writeable files.
Reply-To: Peter Pentchev

The following reply was made to PR bin/38818; it has been noted by GNATS.

From: Peter Pentchev
To: Pat Young
Cc: bug-followup@FreeBSD.org
Subject: Re: bin/38818: if [ -w filename ] incorrectly returns results when run as root and testing non-writeable files.
Date: Mon, 3 Jun 2002 11:03:40 +0300

On Sat, Jun 01, 2002 at 09:31:32PM -0700, Pat Young wrote:
>
> >Number: 38818
> >Category: bin
> >Synopsis: if [ -w filename ] incorrectly returns results when run as root and testing non-writeable files.
> >Originator: Pat Young
> >Release: 4.6-RC
> >Organization:
> NetLedger, Inc.
> >Environment:
> FreeBSD beast.netledger.com 4.6-RC FreeBSD 4.6-RC #8: Thu May 16 23:34:27 PDT 2002 xdice@beast.netledger.com:/usr/obj/usr/src/sys/BEAST i386
>
> >Description:
> While writing a small shell script to test to see if a file was writable, I found that when running the script as root, an incorrect result was returned. As a normal user, the script works. As root, however, even testing a file that is chmod 400 results in an incorrect test.
>
> I've tested with bash from ports, and /bin/sh - same behavior. Linux fails in the same fashion, but Solaris works just fine (returns the expected result, which would be nothing.), regardless of shell.
>
>
> >How-To-Repeat:
> # if [ -w netsaintize ]
> > then
> > ls -l netsaintize
> > fi
> -r-------- 1 root wheel 0 Jun 1 21:02 netsaintize
> #

IMO, this is not a failure, but the expected result. What 'test -w' tests is not file permissions, but the actual access permissions. Even if the file permissions do not allow the owner to write to it, Unix-based OS's have historically allowed the super-user to write to any local file, unless other considerations kick in - physically write-protected media, read-only mounts, etc.

Just as a test:

Script started on Mon Jun 3 11:00:45 2002
Setting up interactive shell params..
[root@straylight:p9 /home/roam/tmp]# mkdir nettest
[root@straylight:p9 /home/roam/tmp]# cd nettest
[root@straylight:p9 /home/roam/tmp/nettest]# touch nettest
[root@straylight:p9 /home/roam/tmp/nettest]# chmod 400 nettest
[root@straylight:p9 /home/roam/tmp/nettest]# if [ -w nettest ]; then ls -l nettest; fi
-r-------- 1 root users 0 3 Юни 11:00 nettest
[root@straylight:p9 /home/roam/tmp/nettest]# echo unf > nettest
[root@straylight:p9 /home/roam/tmp/nettest]# cat nettest
unf
[root@straylight:p9 /home/roam/tmp/nettest]# exit
exit

Script done on Mon Jun 3 11:01:15 2002

As you can see, 'test -w' reported the file as writable, and then a write did, indeed, succeed.

In my opinion, this PR may be closed, as 'test -w' only Does The Right Thing(tm) - the super-root *is* allowed to write to the file :)

G'luck,
Peter

--
Peter Pentchev roam@ringlet.net roam@FreeBSD.org
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
When you are not looking at it, this sentence is in Spanish.
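
The distinction drawn in the reply above, as an added example that is not part of the original thread: a script that wants to honour a file's read-only mode bits even when run as root has to inspect the mode itself, because [ -w ] reports whether the write would be allowed. The function names and the temporary demo file are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original thread): separate "the mode bits grant
# write" from "a write by this process would be allowed", which is what
# [ -w FILE ] reports. Function names here are hypothetical.

# mode_grants_write FILE
# 0 if any of the owner/group/other write bits is set, 1 if none is set,
# 2 if the file cannot be examined. Reads the mode string from ls -ldL
# (symlinks followed, like test -w), e.g. "-r--------" or "-rw-r--r--".
mode_grants_write() {
    mode=$(ls -ldL -- "$1" 2>/dev/null) || return 2
    case "$mode" in
        ??w*|?????w*|????????w*) return 0 ;;   # characters 3, 6, 9 of the mode
        *) return 1 ;;
    esac
}

# write_status FILE
# Prints both answers so a script can see when they disagree, as they do
# for the super-user on a chmod 400 file.
write_status() {
    if mode_grants_write "$1"; then bits=yes; else bits=no; fi
    if [ -w "$1" ]; then access=yes; else access=no; fi
    printf 'mode_bits=%s test_w=%s\n' "$bits" "$access"
}

# Demo on a constructed file, mirroring the chmod 400 case from the thread.
demo_file=$(mktemp) || exit 1
chmod 400 "$demo_file"
printf 'uid=%s %s\n' "$(id -u)" "$(write_status "$demo_file")"
rm -f "$demo_file"
```

A maintenance script that must not touch files marked read-only can gate on mode_grants_write instead of [ -w ], so its behaviour is the same under root and under an unprivileged account.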