NetBSD Problem Report #41995
From dholland@eecs.harvard.edu Sat Sep 5 04:02:37 2009
Return-Path: <dholland@eecs.harvard.edu>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by www.NetBSD.org (Postfix) with ESMTP id CD43A63BC1D
for <gnats-bugs@gnats.NetBSD.org>; Sat, 5 Sep 2009 04:02:36 +0000 (UTC)
Message-Id: <20090905040214.162F210135@tanaqui.eecs.harvard.edu>
Date: Sat, 5 Sep 2009 00:02:13 -0400 (EDT)
From: dholland@eecs.harvard.edu
Reply-To: dholland@eecs.harvard.edu
To: gnats-bugs@gnats.NetBSD.org
Subject: cvs mishandles permissions
X-Send-Pr-Version: 3.95
>Number: 41995
>Category: bin
>Synopsis: cvs mishandles permissions
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: bin-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Sep 05 04:05:00 +0000 2009
>Closed-Date: Sat Sep 05 06:22:32 +0000 2009
>Last-Modified: Sat Sep 05 06:22:32 +0000 2009
>Originator: David A. Holland
>Release: NetBSD 5.99.15 (20090831)
>Organization:
>Environment:
System: NetBSD tanaqui 5.99.15 NetBSD 5.99.15 (TANAQUI) #29: Thu Sep 3 18:23:41 EDT 2009 dholland@tanaqui:/usr/src/sys/arch/i386/compile/TANAQUI i386
Architecture: i386
Machine: i386
>Description:
After updating this week one of my routine builds failed; after poking
around this turned out to be caused by cvs barfing on certain files in
freshly checked-out trees:
tanaqui% ls
CVS
tanaqui% cvs update -dP
cvs update: Updating .
cvs update: nothing known about `boilerplate.mk'
tanaqui% cvs update -p boilerplate.mk
[file contents appear normally]
tanaqui%
This seemed at first to affect some files and not others randomly, but
it turned out to be linked to file permissions. This led me to look at
CVS's use of the supplementary group list, which led me to the
following code on line 285 of filesubr.c:
mask = sb.st_uid == uid ? umask : sb.st_gid == ingroup(sb.st_gid) ?
gmask : omask;
A quick look will show that ingroup() returns a truth value.
>How-To-Repeat:
cvs checkout a tree where some files are accessible only via your
supplementary group list, involving a gid not equal to 1.
>Fix:
Index: filesubr.c
===================================================================
RCS file: /cvsroot/src/external/gpl2/xcvs/dist/src/filesubr.c,v
retrieving revision 1.2
diff -u -p -r1.2 filesubr.c
--- filesubr.c 8 Apr 2009 16:27:51 -0000 1.2
+++ filesubr.c 5 Sep 2009 03:46:52 -0000
@@ -282,8 +282,7 @@ isaccessible (const char *file, const in
omask |= S_IXOTH;
}
- mask = sb.st_uid == uid ? umask : sb.st_gid == ingroup(sb.st_gid) ?
- gmask : omask;
+ mask = sb.st_uid == uid ? umask : ingroup(sb.st_gid) ? gmask : omask;
if ((sb.st_mode & mask) == mask)
return true;
errno = EACCES;
>Release-Note:
>Audit-Trail:
From: "David A. Holland" <dholland@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/41995 CVS commit: src/external/gpl2/xcvs/dist/src
Date: Sat, 5 Sep 2009 06:18:55 +0000
Module Name: src
Committed By: dholland
Date: Sat Sep 5 06:18:55 UTC 2009
Modified Files:
src/external/gpl2/xcvs/dist/src: filesubr.c
Log Message:
Check group membership correctly; ingroup() returns a truth value, not a gid.
PR bin/41995.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/external/gpl2/xcvs/dist/src/filesubr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Sat, 05 Sep 2009 06:22:32 +0000
State-Changed-Why:
fixed.
(note: problem is only in new cvs, therefore no pullups are required)
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.