X-Git-Url: http://erislabs.net/gitweb/?a=blobdiff_plain;f=lib%2Feuidaccess.c;h=dcb6e3a9316bc120f9182abd55252ea9de5c45ba;hb=758f9126aabf3d676a6b6ef3f0522d20d799903f;hp=4803dbcadd7a9cf2cbca9b3a85423780c4c3118f;hpb=4174132afcfff62bfd39028e429b6a44ee3233a8;p=gnulib.git

diff --git a/lib/euidaccess.c b/lib/euidaccess.c
index 4803dbcad..dcb6e3a93 100644
--- a/lib/euidaccess.c
+++ b/lib/euidaccess.c
@@ -1,171 +1,222 @@
 /* euidaccess -- check if effective user id can access file
-   Copyright (C) 1990, 1991, 1995 Free Software Foundation, Inc.
 
-This file is part of the GNU C Library.
+   Copyright (C) 1990, 1991, 1995, 1998, 2000, 2003, 2004, 2005, 2006,
+   2008, 2009 Free Software Foundation, Inc.
 
-The GNU C Library is free software; you can redistribute it and/or
-modify it under the terms of the GNU Library General Public License as
-published by the Free Software Foundation; either version 2 of the
-License, or (at your option) any later version.
+   This file is part of the GNU C Library.
 
-The GNU C Library is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-Library General Public License for more details.
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
 
-You should have received a copy of the GNU Library General Public
-License along with the GNU C Library; see the file COPYING.LIB.  If
-not, write to the Free Software Foundation, Inc., 675 Mass Ave,
-Cambridge, MA 02139, USA.  */
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
 
 /* Written by David MacKenzie and Torbjorn Granlund.
    Adapted for GNU C library by Roland McGrath.  */
 
-#ifdef HAVE_CONFIG_H
-#include <config.h>
+#ifndef _LIBC
+# include <config.h>
 #endif
 
+#include <fcntl.h>
 #include <sys/types.h>
 #include <sys/stat.h>
-
-#ifdef S_IEXEC
-#ifndef S_IXUSR
-#define S_IXUSR S_IEXEC
-#endif
-#ifndef S_IXGRP
-#define S_IXGRP (S_IEXEC >> 3)
-#endif
-#ifndef S_IXOTH
-#define S_IXOTH (S_IEXEC >> 6)
-#endif
-#endif /* S_IEXEC */
-
-#if defined (HAVE_UNISTD_H) || defined (_LIBC)
 #include <unistd.h>
-#endif
 
-#ifdef _POSIX_VERSION
-#include <limits.h>
-#if !defined(NGROUPS_MAX) || NGROUPS_MAX < 1
-#undef NGROUPS_MAX
-#define NGROUPS_MAX sysconf (_SC_NGROUPS_MAX)
-#endif /* NGROUPS_MAX */
-
-#else /* not _POSIX_VERSION */
-uid_t getuid ();
-gid_t getgid ();
-uid_t geteuid ();
-gid_t getegid ();
-#include <sys/param.h>
-#if !defined(NGROUPS_MAX) && defined(NGROUPS)
-#define NGROUPS_MAX NGROUPS
-#endif /* not NGROUPS_MAX and NGROUPS */
-#endif /* not POSIX_VERSION */
+#if HAVE_LIBGEN_H
+# include <libgen.h>
+#endif
 
 #include <errno.h>
-#ifndef errno
-extern int errno;
+#ifndef __set_errno
+# define __set_errno(val) errno = (val)
 #endif
 
-#if defined(EACCES) && !defined(EACCESS)
-#define EACCESS EACCES
+#if defined EACCES && !defined EACCESS
+# define EACCESS EACCES
 #endif
 
 #ifndef F_OK
-#define F_OK 0
-#define X_OK 1
-#define W_OK 2
-#define R_OK 4
+# define F_OK 0
+# define X_OK 1
+# define W_OK 2
+# define R_OK 4
 #endif
 
 
 #ifdef _LIBC
 
-#define group_member __group_member
+# define access __access
+# define getuid __getuid
+# define getgid __getgid
+# define geteuid __geteuid
+# define getegid __getegid
+# define group_member __group_member
+# define euidaccess __euidaccess
+# undef stat
+# define stat stat64
 
 #else
 
-/* The user's real user id. */
-static uid_t uid;
-
-/* The user's real group id. */
-static gid_t gid;
-
-/* The user's effective user id. */
-static uid_t euid;
-
-/* The user's effective group id. */
-static gid_t egid;
-
-/* Nonzero if UID, GID, EUID, and EGID have valid values. */
-static int have_ids = 0;
-
-#ifdef HAVE_GETGROUPS
-int group_member ();
-#else
-#define group_member(gid)	0
-#endif
+# include "group-member.h"
 
 #endif
 
-
-/* Return 0 if the user has permission of type MODE on file PATH;
-   otherwise, return -1 and set `errno' to EACCESS.
+/* Return 0 if the user has permission of type MODE on FILE;
+   otherwise, return -1 and set `errno'.
    Like access, except that it uses the effective user and group
-   id's instead of the real ones, and it does not check for read-only
-   filesystem, text busy, etc. */
+   id's instead of the real ones, and it does not always check for read-only
+   file system, text busy, etc.  */
 
 int
-euidaccess (path, mode)
-     const char *path;
-     int mode;
+euidaccess (const char *file, int mode)
 {
+#if HAVE_FACCESSAT
+  return faccessat (AT_FDCWD, file, mode, AT_EACCESS);
+#elif defined EFF_ONLY_OK
+  return access (file, mode | EFF_ONLY_OK);
+#elif defined ACC_SELF
+  return accessx (file, mode, ACC_SELF);
+#elif HAVE_EACCESS
+  return eaccess (file, mode);
+#else
+
+  uid_t uid = getuid ();
+  gid_t gid = getgid ();
+  uid_t euid = geteuid ();
+  gid_t egid = getegid ();
   struct stat stats;
-  int granted;
 
-#ifdef	_LIBC
-  uid_t uid = getuid (), euid = geteuid ();
-  gid_t gid = getgid (), egid = getegid ();
-#else
-  if (have_ids == 0)
+# if HAVE_DECL_SETREGID && PREFER_NONREENTRANT_EUIDACCESS
+
+  /* Define PREFER_NONREENTRANT_EUIDACCESS if you prefer euidaccess to
+     return the correct result even if this would make it
+     nonreentrant.  Define this only if your entire application is
+     safe even if the uid or gid might temporarily change.  If your
+     application uses signal handlers or threads it is probably not
+     safe.  */
+
+  if (mode == F_OK)
+    return stat (file, &stats);
+  else
     {
-      have_ids = 1;
-      uid = getuid ();
-      gid = getgid ();
-      euid = geteuid ();
-      egid = getegid ();
+      int result;
+      int saved_errno;
+
+      if (uid != euid)
+	setreuid (euid, uid);
+      if (gid != egid)
+	setregid (egid, gid);
+
+      result = access (file, mode);
+      saved_errno = errno;
+
+      /* Restore them.  */
+      if (uid != euid)
+	setreuid (uid, euid);
+      if (gid != egid)
+	setregid (gid, egid);
+
+      errno = saved_errno;
+      return result;
     }
-#endif
 
+# else
+
+  /* The following code assumes the traditional Unix model, and is not
+     correct on systems that have ACLs or the like.  However, it's
+     better than nothing, and it is reentrant.  */
+
+  unsigned int granted;
   if (uid == euid && gid == egid)
     /* If we are not set-uid or set-gid, access does the same.  */
-    return access (path, mode);
+    return access (file, mode);
 
-  if (stat (path, &stats))
+  if (stat (file, &stats) != 0)
     return -1;
 
-  mode &= (X_OK | W_OK | R_OK);	/* Clear any bogus bits. */
-#if R_OK != S_IROTH || W_OK != S_IWOTH || X_OK != S_IXOTH
-  ?error Oops, portability assumptions incorrect.
-#endif
-
-  if (mode == F_OK)
-    return 0;			/* The file exists. */
-
   /* The super-user can read and write any file, and execute any file
-     that anyone can execute. */
+     that anyone can execute.  */
   if (euid == 0 && ((mode & X_OK) == 0
 		    || (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))))
     return 0;
 
+  /* Convert the mode to traditional form, clearing any bogus bits.  */
+  if (R_OK == 4 && W_OK == 2 && X_OK == 1 && F_OK == 0)
+    mode &= 7;
+  else
+    mode = ((mode & R_OK ? 4 : 0)
+	    + (mode & W_OK ? 2 : 0)
+	    + (mode & X_OK ? 1 : 0));
+
+  if (mode == 0)
+    return 0;			/* The file exists.  */
+
+  /* Convert the file's permission bits to traditional form.  */
+  if (S_IRUSR == (4 << 6) && S_IWUSR == (2 << 6) && S_IXUSR == (1 << 6)
+      && S_IRGRP == (4 << 3) && S_IWGRP == (2 << 3) && S_IXGRP == (1 << 3)
+      && S_IROTH == (4 << 0) && S_IWOTH == (2 << 0) && S_IXOTH == (1 << 0))
+    granted = stats.st_mode;
+  else
+    granted = ((stats.st_mode & S_IRUSR ? 4 << 6 : 0)
+	       + (stats.st_mode & S_IWUSR ? 2 << 6 : 0)
+	       + (stats.st_mode & S_IXUSR ? 1 << 6 : 0)
+	       + (stats.st_mode & S_IRGRP ? 4 << 3 : 0)
+	       + (stats.st_mode & S_IWGRP ? 2 << 3 : 0)
+	       + (stats.st_mode & S_IXGRP ? 1 << 3 : 0)
+	       + (stats.st_mode & S_IROTH ? 4 << 0 : 0)
+	       + (stats.st_mode & S_IWOTH ? 2 << 0 : 0)
+	       + (stats.st_mode & S_IXOTH ? 1 << 0 : 0));
+
   if (euid == stats.st_uid)
-    granted = (unsigned) (stats.st_mode & (mode << 6)) >> 6;
+    granted >>= 6;
   else if (egid == stats.st_gid || group_member (stats.st_gid))
-    granted = (unsigned) (stats.st_mode & (mode << 3)) >> 3;
-  else
-    granted = (stats.st_mode & mode);
-  if (granted == mode)
+    granted >>= 3;
+
+  if ((mode & ~granted) == 0)
     return 0;
-  errno = EACCESS;
+  __set_errno (EACCESS);
   return -1;
+
+# endif
+#endif
+}
+#undef euidaccess
+#ifdef weak_alias
+weak_alias (__euidaccess, euidaccess)
+#endif
+
+#ifdef TEST
+# include <error.h>
+# include <stdio.h>
+# include <stdlib.h>
+
+char *program_name;
+
+int
+main (int argc, char **argv)
+{
+  char *file;
+  int mode;
+  int err;
+
+  program_name = argv[0];
+  if (argc < 3)
+    abort ();
+  file = argv[1];
+  mode = atoi (argv[2]);
+
+  err = euidaccess (file, mode);
+  printf ("%d\n", err);
+  if (err != 0)
+    error (0, errno, "%s", file);
+  exit (0);
 }
+#endif