Skip Menu |
Report information
Id: 128062
Status: open
Priority: 0/
Queue: perl6

Owner: Nobody
Requestors: molecules <bottomsc [at] missouri.edu>
Cc:
AdminCc:

Severity: (no value)
Tag: testneeded
Platform: (no value)
Patch Status: (no value)
VM: (no value)



Subject: chdir does not respect group reading privilege
Download (untitled) / with headers
text/plain 1.1k
# This is on 64-bit CentOS 7, but I have also observed this behavior on # CentOS 6.7. User is "test" and has its own group called "test". It should # therefore be possible possible to use "chdir" in Perl6 to change to a # directory that has full privileges for its home group "test". # First we see that "chdir" works when permissions are liberal # The user "test" is not the user owner, but its group does own it. [test@localhost tests]$ ls -ld path drwxrwxr-x. 2 foo test 22 May 3 10:13 path [test@localhost tests]$ perl6 To exit type 'exit' or '^D' Show quoted text
> chdir 'path'
"/home/test/tests/path".IO Show quoted text
> chdir '..'
"/home/test/tests".IO # "chdir" doesn't work after removing "other" read/execute privileges Show quoted text
> shell('sudo chmod o-rx path');
... Show quoted text
> chdir 'path'
Failed to change the working directory to '/home/test/tests/path': did not pass 'd r' test in block <unit> at <unknown file> line 1 Show quoted text
> exit
# But the "test" user does belong to its own "test" group [test@localhost tests]$ groups test # This is using Rakudo-Star 2016.04 on MoarVM 2016.04 [test@localhost tests]$ perl6 -v This is Rakudo version 2016.04 built on MoarVM version 2016.04 implementing Perl 6.c.
Date: Tue, 3 May 2016 15:00:09 -0400
Subject: Re: [perl #128062] chdir does not respect group reading privilege
From: Brandon Allbery <allbery.b [...] gmail.com>
CC: bugs-bitbucket [...] rt.perl.org
To: perl6-compiler <perl6-compiler [...] perl.org>
Download (untitled) / with headers
text/plain 838b
On Tue, May 3, 2016 at 12:01 PM, Christopher Bottoms <perl6-bugs-followup@perl.org> wrote:
Show quoted text
Failed to change the working directory to '/home/test/tests/path': did not pass 'd r' test

Urgh. Please tell me it is not testing permissions before changing directory; that's pointless and (although I think "safe" here) wide open to race conditions. If you want to check it afterward to try to guess why it failed, fine; but let the OS do the check instead of trying to guess at it.

(And I can't wait to see this fail on a network filesystem which doesn't use Unix permissions: NFS4, AFS, CIFS, ....)

--
brandon s allbery kf8nh                               sine nomine associates
allbery.b@gmail.com                                  ballbery@sinenomine.net
unix, openafs, kerberos, infrastructure, xmonad        http://sinenomine.net
Download (untitled) / with headers
text/plain 863b
Show quoted text
> > Urgh. Please tell me it is not testing permissions before changing > directory; that's pointless and (although I think "safe" here) wide open to > race conditions. If you want to check it afterward to try to guess why it > failed, fine; but let the OS do the check instead of trying to guess at it. >
Yes, it is doing such checks. I was tempted to work on them myself, until I found out that the functions actually doing the checking are implemented in the virtual machines themselves (e.g. MoarVM, JVM). Related pages: https://github.com/rakudo/rakudo/blob/nom/src/core/IO/Path.pm#L269 https://github.com/rakudo/rakudo/blob/nom/src/core/IO/Path.pm#L570 https://github.com/rakudo/rakudo/blob/nom/src/core/Rakudo/Internals.pm#L1127 https://github.com/rakudo/rakudo/search?q=nqp%3A%3Afilereadable https://github.com/perl6/nqp/search?l=perl6&q=filereadable
Download (untitled) / with headers
text/plain 390b
File numbers change, so some of the previous links aren't pointing to the desired lines anymore. Try these "search" links should be helpful: https://github.com/rakudo/rakudo/search?q="did+not+pass+'d+"&type=Code https://github.com/rakudo/rakudo/search?q=FILETEST-R https://github.com/rakudo/rakudo/search?q=nqp%3A%3Afilereadable https://github.com/perl6/nqp/search?l=perl6&q=filereadable
Download (untitled) / with headers
text/plain 1.3k
I found that this is not a problem on Perl 6 with a JVM backend. So this is MoarVM-specific. On Tue May 03 09:01:15 2016, molecules wrote: Show quoted text
> # This is on 64-bit CentOS 7, but I have also observed this behavior > on > # CentOS 6.7. User is "test" and has its own group called "test". It > should > # therefore be possible possible to use "chdir" in Perl6 to change to > a > # directory that has full privileges for its home group "test". > > # First we see that "chdir" works when permissions are liberal > # The user "test" is not the user owner, but its group does own it. > [test@localhost tests]$ ls -ld path > drwxrwxr-x. 2 foo test 22 May 3 10:13 path > [test@localhost tests]$ perl6 > To exit type 'exit' or '^D'
> > chdir 'path'
> "/home/test/tests/path".IO
> > chdir '..'
> "/home/test/tests".IO > > # "chdir" doesn't work after removing "other" read/execute privileges
> > shell('sudo chmod o-rx path');
> ...
> > chdir 'path'
> Failed to change the working directory to '/home/test/tests/path': did > not pass 'd r' test > in block <unit> at <unknown file> line 1 >
> > exit
> > # But the "test" user does belong to its own "test" group > [test@localhost tests]$ groups > test > > # This is using Rakudo-Star 2016.04 on MoarVM 2016.04 > [test@localhost tests]$ perl6 -v > This is Rakudo version 2016.04 built on MoarVM version 2016.04 > implementing Perl 6.c.
Download (untitled) / with headers
text/plain 1.8k
This doesn't seem to be a problem with Rakudo 2017.04, so was probably fixed by Zoffix's I/O work (see http://blogs.perl.org/users/zoffix_znet/2017/04/perl-6-io-tpf-grant-monthly-report-april-2017.html). Thanks! I think that the only thing lacking is a good regression test in roast. I could easily write a Unix-specific test, but I think we want something more general. On Mon, 31 Oct 2016 08:08:15 -0700, molecules wrote: Show quoted text
> I found that this is not a problem on Perl 6 with a JVM backend. So > this is MoarVM-specific. > > On Tue May 03 09:01:15 2016, molecules wrote:
> > # This is on 64-bit CentOS 7, but I have also observed this behavior > > on > > # CentOS 6.7. User is "test" and has its own group called "test". It > > should > > # therefore be possible possible to use "chdir" in Perl6 to change to > > a > > # directory that has full privileges for its home group "test". > > > > # First we see that "chdir" works when permissions are liberal > > # The user "test" is not the user owner, but its group does own it. > > [test@localhost tests]$ ls -ld path > > drwxrwxr-x. 2 foo test 22 May 3 10:13 path > > [test@localhost tests]$ perl6 > > To exit type 'exit' or '^D'
> > > chdir 'path'
> > "/home/test/tests/path".IO
> > > chdir '..'
> > "/home/test/tests".IO > > > > # "chdir" doesn't work after removing "other" read/execute privileges
> > > shell('sudo chmod o-rx path');
> > ...
> > > chdir 'path'
> > Failed to change the working directory to '/home/test/tests/path': > > did > > not pass 'd r' test > > in block <unit> at <unknown file> line 1 > >
> > > exit
> > > > # But the "test" user does belong to its own "test" group > > [test@localhost tests]$ groups > > test > > > > # This is using Rakudo-Star 2016.04 on MoarVM 2016.04 > > [test@localhost tests]$ perl6 -v > > This is Rakudo version 2016.04 built on MoarVM version 2016.04 > > implementing Perl 6.c.
RT-Send-CC: perl6-compiler [...] perl.org
Download (untitled) / with headers
text/plain 895b
On Mon, 17 Jul 2017 10:26:43 -0700, molecules wrote: Show quoted text
> This doesn't seem to be a problem with Rakudo 2017.04, so was probably > fixed by Zoffix's I/O work (see > http://blogs.perl.org/users/zoffix_znet/2017/04/perl-6-io-tpf-grant- > monthly-report-april-2017.html). Thanks! > > I think that the only thing lacking is a good regression test in > roast. I could easily write a Unix-specific test, but I think we want > something more general.
What was "fixed" is chdir by default only does the `.d` test now (it used to do `.r` test too). If that's what was needed, then there's a hole battery[^1] of tests covering this behaviour. But I suspect the old behaviour is still there when doing `chdir :d, :r, 'some dir'`, so it does the `.r` too. THAT should respect group privileges, right? [1] https://github.com/perl6/roast/blob/9b51341b6c77bfe6f0ce045431942eadc4301d78/S32-io/chdir.t#L61-L140
Subject: Re: [perl #128062] [BUG] (MoarVM) chdir does not respect group reading privilege
To: Carl Mäsak via RT <perl6-bugs-followup [...] perl.org>
Date: Mon, 17 Jul 2017 19:11:32 -0400
From: Brandon Allbery <allbery.b [...] gmail.com>
CC: bottomsc [...] missouri.edu
Download (untitled) / with headers
text/plain 1.3k
It should not be testing, it should just try to do the operation and complain after if it fails. Race conditions should not be a language 'feature'.

On Mon, Jul 17, 2017 at 6:02 PM, Zoffix Znet via RT <perl6-bugs-followup@perl.org> wrote:
Show quoted text
On Mon, 17 Jul 2017 10:26:43 -0700, molecules wrote:
> This doesn't seem to be a problem with Rakudo 2017.04, so was probably
> fixed by Zoffix's I/O work (see
> http://blogs.perl.org/users/zoffix_znet/2017/04/perl-6-io-tpf-grant-
> monthly-report-april-2017.html). Thanks!
>
> I think that the only thing lacking is a good regression test in
> roast. I could easily write a Unix-specific test, but I think we want
> something more general.

What was "fixed" is chdir by default only does the `.d` test now (it used to do `.r` test too).
If that's what was needed, then there's a hole battery[^1] of tests covering this behaviour.

But I suspect the old behaviour is still there when doing `chdir :d, :r, 'some dir'`, so it does the `.r` too.
THAT should respect group privileges, right?

[1] https://github.com/perl6/roast/blob/9b51341b6c77bfe6f0ce045431942eadc4301d78/S32-io/chdir.t#L61-L140




--
brandon s allbery kf8nh                               sine nomine associates
allbery.b@gmail.com                                  ballbery@sinenomine.net
unix, openafs, kerberos, infrastructure, xmonad        http://sinenomine.net
RT-Send-CC: perl6-compiler [...] perl.org
Download (untitled) / with headers
text/plain 354b
On Mon, 17 Jul 2017 16:12:05 -0700, allbery.b@gmail.com wrote: Show quoted text
> It should not be testing, it should just try to do the operation and > complain after if it fails. Race conditions should not be a language > 'feature'.
We're talking about &chdir() not &*chdir(). Aside from setting $*CWD, testing is all it does and without testing, it'll never fail.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

For issues related to this RT instance (aka "perlbug"), please contact perlbug-admin at perl.org