Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement eaccess/faccessat on platforms that support it #1373

Closed
Kixunil opened this issue Jan 12, 2021 · 3 comments · Fixed by #1842
Closed

Implement eaccess/faccessat on platforms that support it #1373

Kixunil opened this issue Jan 12, 2021 · 3 comments · Fixed by #1842

Comments

@Kixunil
Copy link
Contributor

Kixunil commented Jan 12, 2021

I need to check access with EUID in my application and perhaps instead of implementing it privately, upstreaming to nix would be nicer. Not sure if there should be an unified interface or a thin layer only wrapping each function for its respective platform.

I think having eaccess, which internally calls faccessat on Linux would make sense, but maybe having faccessat exposed too would be useful.

But why would you need eaccess? It's useless
I have an application that runs as root but want to do a bunch of sanity checks during start. These checks include checking if certain files are accessible as other user (because the application may fork & setuid & exec later and the given user should have access to those files) and that they are not writable by unauthorized users (nobody) - similar to what SSH does.
@asomers
Copy link
Member

asomers commented Jan 13, 2021

It would definitely be worthwhile to add faccessat. But eaccess can't do anything that faccessat can't do too, right?

@Kixunil
Copy link
Contributor Author

Kixunil commented Jan 13, 2021

Correct. I'm not sure if faccessat is supported on every unix, probably not. I only checked Linux that has faccessat and doesn't have eaccess and randomly saw some BSD man page having both.

@SteveLauC
Copy link
Member

But why would you need eaccess? It's useless
I have an application that runs as root but want to do a bunch of sanity checks during start. These checks include checking if certain files are accessible as other user (because the application may fork & setuid & exec later and the given user should have access to those files) and that they are not writable by unauthorized users (nobody) - similar to what SSH does.

Sounds like you need access/faccessat instead of eaccess, cite the linux man page:

This allows set-user-ID programs and capability-endowed programs
       to easily determine the invoking user's authority.  In other
       words, access() does not answer the "can I read/write/execute
       this file?" question.  It answers a slightly different question:
       "(assuming I'm a setuid binary) can the user who invoked me
       read/write/execute this file?", which gives set-user-ID programs
       the possibility to prevent malicious users from causing them to
       read files which users shouldn't be able to read.

I only checked Linux that has faccessat and doesn't have eaccess

Linux (both glibc and musl) has eaccess(3)

But eaccess can't do anything that faccessat can't do too, right?

eaccess checks the permission using EUID while faccessat uses RUID, eaccess can do something that faccessat/access can't.

@SteveLauC SteveLauC mentioned this issue Oct 10, 2022
Merged
@bors bors bot closed this as completed in 0d6cc18 Oct 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

add eaccess on freebsd, dragonfly and linux SteveLauC/nix
3 participants
@asomers @Kixunil @SteveLauC