/* euidaccess -- check if effective user id can access file
- Copyright (C) 1990, 1991 Free Software Foundation, Inc.
+ Copyright (C) 1990, 1991, 1995, 1998, 2000 Free Software Foundation, Inc.
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2, or (at your option)
- any later version.
+This file is part of the GNU C Library.
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
+The GNU C Library is free software; you can redistribute it and/or
+modify it under the terms of the GNU Library General Public License as
+published by the Free Software Foundation; either version 2 of the
+License, or (at your option) any later version.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
+The GNU C Library is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+Library General Public License for more details.
-/* Written by David MacKenzie and Torbjorn Granlund. */
+You should have received a copy of the GNU Library General Public
+License along with the GNU C Library; see the file COPYING.LIB. If
+not, write to the Free Software Foundation, Inc., 59 Temple Place -
+Suite 330, Boston, MA 02111-1307, USA. */
-#ifdef HAVE_CONFIG_H
-#include <config.h>
+/* Written by David MacKenzie and Torbjorn Granlund.
+ Adapted for GNU C library by Roland McGrath. */
+
+#if HAVE_CONFIG_H
+# include <config.h>
#endif
#include <sys/types.h>
#include <sys/stat.h>
#ifdef S_IEXEC
-#ifndef S_IXUSR
-#define S_IXUSR S_IEXEC
-#endif
-#ifndef S_IXGRP
-#define S_IXGRP (S_IEXEC >> 3)
-#endif
-#ifndef S_IXOTH
-#define S_IXOTH (S_IEXEC >> 6)
-#endif
+# ifndef S_IXUSR
+# define S_IXUSR S_IEXEC
+# endif
+# ifndef S_IXGRP
+# define S_IXGRP (S_IEXEC >> 3)
+# endif
+# ifndef S_IXOTH
+# define S_IXOTH (S_IEXEC >> 6)
+# endif
#endif /* S_IEXEC */
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
+#if defined (HAVE_UNISTD_H) || defined (_LIBC)
+# include <unistd.h>
#endif
#ifdef _POSIX_VERSION
-#include <limits.h>
-#if !defined(NGROUPS_MAX) || NGROUPS_MAX < 1
-#undef NGROUPS_MAX
-#define NGROUPS_MAX sysconf (_SC_NGROUPS_MAX)
-#endif /* NGROUPS_MAX */
+# include <limits.h>
+# if !defined(NGROUPS_MAX) || NGROUPS_MAX < 1
+# undef NGROUPS_MAX
+# define NGROUPS_MAX sysconf (_SC_NGROUPS_MAX)
+# endif /* NGROUPS_MAX */
#else /* not _POSIX_VERSION */
uid_t getuid ();
gid_t getgid ();
uid_t geteuid ();
gid_t getegid ();
-#include <sys/param.h>
-#if !defined(NGROUPS_MAX) && defined(NGROUPS)
-#define NGROUPS_MAX NGROUPS
-#endif /* not NGROUPS_MAX and NGROUPS */
+# include <sys/param.h>
+# if !defined(NGROUPS_MAX) && defined(NGROUPS)
+# define NGROUPS_MAX NGROUPS
+# endif /* not NGROUPS_MAX and NGROUPS */
#endif /* not POSIX_VERSION */
#include <errno.h>
#ifndef errno
extern int errno;
#endif
+#ifndef __set_errno
+# define __set_errno(val) errno = (val)
+#endif
#if defined(EACCES) && !defined(EACCESS)
-#define EACCESS EACCES
+# define EACCESS EACCES
#endif
#ifndef F_OK
-#define F_OK 0
-#define X_OK 1
-#define W_OK 2
-#define R_OK 4
+# define F_OK 0
+# define X_OK 1
+# define W_OK 2
+# define R_OK 4
+#endif
+
+#if !defined (S_IROTH) && defined (R_OK)
+# define S_IROTH R_OK
+#endif
+
+#if !defined (S_IWOTH) && defined (W_OK)
+# define S_IWOTH W_OK
+#endif
+
+#if !defined (S_IXOTH) && defined (X_OK)
+# define S_IXOTH X_OK
#endif
+#ifdef _LIBC
+
+# define group_member __group_member
+# define euidaccess __euidaccess
+
+#else
+
/* The user's real user id. */
static uid_t uid;
/* The user's real group id. */
static gid_t gid;
+# if HAVE_GETGROUPS
+int group_member ();
+# else
+# define group_member(gid) 0
+# endif
+
+#endif
+
/* The user's effective user id. */
static uid_t euid;
/* The user's effective group id. */
static gid_t egid;
-int group_member ();
-
/* Nonzero if UID, GID, EUID, and EGID have valid values. */
-static int have_ids = 0;
-
-/* Like euidaccess, except that a pointer to a filled-in stat structure
- describing the file is provided instead of a filename.
- Because this function is almost guaranteed to fail on systems that
- use ACLs, a third argument *PATH may be used. If it is non-NULL,
- it is assumed to be the name of the file corresponding to STATP.
- Then, if the user is not running set-uid or set-gid, use access
- instead of attempting a manual and non-portable comparison. */
-
-static int
-eaccess_stat (statp, mode, path)
- const struct stat *statp;
- int mode;
- const char *path;
-{
- int granted;
-
- mode &= (X_OK | W_OK | R_OK); /* Clear any bogus bits. */
-
- if (mode == F_OK)
- return 0; /* The file exists. */
-
- if (have_ids == 0)
- {
- have_ids = 1;
- uid = getuid ();
- gid = getgid ();
- euid = geteuid ();
- egid = getegid ();
- }
+static int have_ids;
- if (path && uid == euid && gid == egid)
- {
- return access (path, mode);
- }
-
- /* The super-user can read and write any file, and execute any file
- that anyone can execute. */
- if (euid == 0 && ((mode & X_OK) == 0
- || (statp->st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))))
- return 0;
-
- if (euid == statp->st_uid)
- granted = (unsigned) (statp->st_mode & (mode << 6)) >> 6;
- else if (egid == statp->st_gid
-#ifdef HAVE_GETGROUPS
- || group_member (statp->st_gid)
-#endif
- )
- granted = (unsigned) (statp->st_mode & (mode << 3)) >> 3;
- else
- granted = (statp->st_mode & mode);
- if (granted == mode)
- return 0;
- errno = EACCESS;
- return -1;
-}
/* Return 0 if the user has permission of type MODE on file PATH;
otherwise, return -1 and set `errno' to EACCESS.
filesystem, text busy, etc. */
int
-euidaccess (path, mode)
- const char *path;
- int mode;
+euidaccess (const char *path, int mode)
{
struct stat stats;
+ int granted;
+#ifdef _LIBC
+ if (! __libc_enable_secure)
+ /* If we are not set-uid or set-gid, access does the same. */
+ return __access (path, mode);
+#else
if (have_ids == 0)
{
have_ids = 1;
}
if (uid == euid && gid == egid)
- {
- return access (path, mode);
- }
+ /* If we are not set-uid or set-gid, access does the same. */
+ return access (path, mode);
+#endif
if (stat (path, &stats))
return -1;
- return eaccess_stat (&stats, mode, path);
-}
+ mode &= (X_OK | W_OK | R_OK); /* Clear any bogus bits. */
+#if R_OK != S_IROTH || W_OK != S_IWOTH || X_OK != S_IXOTH
+ ?error Oops, portability assumptions incorrect.
+#endif
-#ifdef TEST
-#include <stdio.h>
-#include <errno.h>
+ if (mode == F_OK)
+ return 0; /* The file exists. */
+
+#ifdef _LIBC
+ /* Now we need the IDs. */
+ if (have_ids == 0)
+ {
+ have_ids = 1;
+ euid = __geteuid ();
+ egid = __getegid ();
+ }
+#endif
-void error ();
+ /* The super-user can read and write any file, and execute any file
+ that anyone can execute. */
+ if (euid == 0 && ((mode & X_OK) == 0
+ || (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))))
+ return 0;
+
+ if (euid == stats.st_uid)
+ granted = (unsigned) (stats.st_mode & (mode << 6)) >> 6;
+ else if (egid == stats.st_gid || group_member (stats.st_gid))
+ granted = (unsigned) (stats.st_mode & (mode << 3)) >> 3;
+ else
+ granted = (stats.st_mode & mode);
+ if (granted == mode)
+ return 0;
+ __set_errno (EACCESS);
+ return -1;
+}
+#undef euidaccess
+#ifdef weak_alias
+weak_alias (__euidaccess, euidaccess)
+#endif
+\f
+#ifdef TEST
+# include <stdio.h>
+# include <errno.h>
+# include "error.h"
char *program_name;
projects / gnulib.git / blobdiff