bin/41995: cvs mishandles permissions

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: bin/41995: cvs mishandles permissions
From: dholland%eecs.harvard.edu@localhost
Date: Sat, 5 Sep 2009 04:05:00 +0000 (UTC)

>Number:         41995
>Category:       bin
>Synopsis:       cvs mishandles permissions
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Sep 05 04:05:00 +0000 2009
>Originator:     David A. Holland
>Release:        NetBSD 5.99.15 (20090831)
>Organization:
>Environment:
System: NetBSD tanaqui 5.99.15 NetBSD 5.99.15 (TANAQUI) #29: Thu Sep 3 18:23:41 
EDT 2009 dholland@tanaqui:/usr/src/sys/arch/i386/compile/TANAQUI i386
Architecture: i386
Machine: i386
>Description:

After updating this week one of my routine builds failed; after poking
around this turned out to be caused by cvs barfing on certain files in
freshly checked-out trees:

        tanaqui% ls
        CVS
        tanaqui% cvs update -dP
        cvs update: Updating .
        cvs update: nothing known about `boilerplate.mk'
        tanaqui% cvs update -p boilerplate.mk
           [file contents appear normally]
        tanaqui% 

This seemed at first to affect some files and not others randomly, but
it turned out to be linked to file permissions. This led me to look at
CVS's use of the supplementary group list, which led me to the
following code on line 285 of filesubr.c:

    mask = sb.st_uid == uid ? umask : sb.st_gid == ingroup(sb.st_gid) ?
        gmask : omask;

A quick look will show that ingroup() returns a truth value.

>How-To-Repeat:

cvs checkout a tree where some files are accessible only via your
supplementary group list, involving a gid not equal to 1.

>Fix:

Index: filesubr.c
===================================================================
RCS file: /cvsroot/src/external/gpl2/xcvs/dist/src/filesubr.c,v
retrieving revision 1.2
diff -u -p -r1.2 filesubr.c
--- filesubr.c  8 Apr 2009 16:27:51 -0000       1.2
+++ filesubr.c  5 Sep 2009 03:46:52 -0000
@@ -282,8 +282,7 @@ isaccessible (const char *file, const in
        omask |= S_IXOTH;
     }
 
-    mask = sb.st_uid == uid ? umask : sb.st_gid == ingroup(sb.st_gid) ?
-       gmask : omask;
+    mask = sb.st_uid == uid ? umask : ingroup(sb.st_gid) ? gmask : omask;
     if ((sb.st_mode & mask) == mask)
        return true;
     errno = EACCES;

Prev by Date: bin/41994: ldd should have an -o option like nm
Next by Date: PR/41993 CVS commit: src/usr.bin/skeyinfo
Previous by Thread: bin/41994: ldd should have an -o option like nm
Next by Thread: PR/41993 CVS commit: src/usr.bin/skeyinfo
Indexes:

Home | Main Index | Thread Index | Old Index