lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4FFA86C5.7090601@gmail.com>
Date:	Mon, 09 Jul 2012 17:22:45 +1000
From:	Ryan Mallon <rmallon@...il.com>
To:	Ulrich Windl <Ulrich.Windl@...uni-regensburg.de>
CC:	linux-kernel@...r.kernel.org
Subject: Re: Antw: Re: /sys and access(2): Correctly implemented?

On 09/07/12 16:23, Ulrich Windl wrote:
>>>> Ryan Mallon <rmallon@...il.com> schrieb am 09.07.2012 um 01:24 in Nachricht
> <4FFA16B6.9050009@...il.com>:
>> On 06/07/12 16:27, Ulrich Windl wrote:
>>> Hi!
>>>
>>> Recently I found a problem with the command (kernel 3.0.34-0.7-default from 
>> SLES 11 SP2, run as root):
>>> test -r "$file" && cat "$file"
>>> emitting "Permission denied"
>>>
>>> Investigating, I found that "test" actually uses "access()" to check for 
>> permissions. Unfortunately there are some files in /sys that have "write-only" 
>> permission bits set (e.g. /sys/devices/system/cpu/probe).
>>>
>>> ~ # ll /sys/devices/system/cpu/probe
>>> --w------- 1 root root 4096 Jun 29 12:43 /sys/devices/system/cpu/probe
>>> ~ # F=/sys/devices/system/cpu/probe
>>> ~ # test "$F" && cat "$F"
>>> cat: /sys/devices/system/cpu/probe: Permission denied
>>
>> Looks like you have a typo here, I think you wanted "test -r $F", not
>> "test $F", the latter will just evaluate "$F" as an expression which
>> will be true, and so you get the permission denied error running cat.
> 
> Hi!
> 
> You are right: It's a typo, but only in the message; the actual test was done correctly, and the outcome is quite the same.
> 
>>
>> Using "test -r $F" on a write-only sysfs file correctly returns false on
>> my machine (Ubuntu 10.04.4 LTS/2.6.32-41-generic).
> 
> Not here, unfortunately:

Oops, I missed the bit about you running as root. I get the same results
running as root on my machine as you, both for sysfs and regular files.

It appears that access(2) as the super-user is might be implementation
defined, see:

  http://pubs.opengroup.org/onlinepubs/000095399/functions/access.html
  http://lists.gnu.org/archive/html/bug-bash/2010-07/msg00071.html

However, I can't find any concrete information on it for Linux, and the
manpage doesn't mention anything other the the X_OK bit.

~Ryan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ