Fix faccessat(,0) and access() semantics.

* fhandler.h (fhandler_base::fhaccess): Add parameter.
* security.h (check_file_access, check_registry_access): Likewise.
* security.cc (check_file_access, check_registry_access)
(check_access): Implement new parameter.
* fhandler.cc (fhandler_base::fhaccess): Likewise.
(device_access_denied): Update caller.
* syscalls.cc (access, faccessat): Update callers.
* spawn.cc (find_exec, fixup): Likewise.
This commit is contained in:
Eric Blake
2009-09-25 13:44:45 +00:00
parent 5386cd8ecc
commit 3dbe243afa
7 changed files with 38 additions and 25 deletions

View File

@@ -169,7 +169,7 @@ find_exec (const char *name, path_conv& buf, const char *mywinenv,
if ((suffix = perhaps_suffix (tmp, buf, err, opt)) != NULL)
{
if (buf.has_acls () && check_file_access (buf, X_OK))
if (buf.has_acls () && check_file_access (buf, X_OK, true))
continue;
if (posix == tmp)
@@ -1083,7 +1083,8 @@ just_shell:
/* Check if script is executable. Otherwise we start non-executable
scripts successfully, which is incorrect behaviour. */
if (real_path.has_acls () && check_file_access (real_path, X_OK) < 0)
if (real_path.has_acls ()
&& check_file_access (real_path, X_OK, true) < 0)
return -1; /* errno is already set. */
/* Replace argv[0] with the full path to the script if this is the