1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
|
/*
* SCCS: @(#)eaccess.c 1.12 (99/04/21)
*
* UniSoft Ltd., London, England
*
* (C) Copyright 1992 X/Open Company Limited
*
* All rights reserved. No part of this source code may be reproduced,
* stored in a retrieval system, or transmitted, in any form or by any
* means, electronic, mechanical, photocopying, recording or otherwise,
* except as stated in the end-user licence agreement, without the prior
* permission of the copyright owners.
*
* X/Open and the 'X' symbol are trademarks of X/Open Company Limited in
* the UK and other countries.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
/************************************************************************
SCCS: @(#)eaccess.c 1.12 99/04/21 TETware release 3.3
NAME: eaccess.c
PRODUCT: TETware
AUTHOR: Andrew Dingwall, UniSoft Ltd.
DATE CREATED: June 1992
DESCRIPTION:
function to check access permissions wrt effective user and group IDs
MODIFICATIONS:
Andrew Dingwall, UniSoft Ltd., January 1994
use S_ISDIR instead of S_IFMT for strict posix conformance
Geoff Clare, UniSoft Ltd., August 1996
Missing <unistd.h>.
Andrew Dingwall, UniSoft Ltd., March 1999
On UNIX systems, check group permissions w.r.t. supplementary
group IDs as well as against the egid.
Aaron Plattner, April 2010
Fixed warnings when compiled with GCC's -Wall option.
************************************************************************/
#include <stdio.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
# include <limits.h>
# include <unistd.h>
#include "dtmac.h"
#include "error.h"
#include "ltoa.h"
#include "dtetlib.h"
/* static function declarations */
static int check_grouplist PROTOLIST((struct STAT_ST *, int));
/*
** tet_eaccess() - like access() but checks permissions wrt
** effective user and group IDs
**
** Note: this routine assumes that access and file modes are
** encoded in the traditional way; ie: 4 = read, 2 = write, 1 = exec
** user perms = 0700, group perms = 070, other perms = 07.
**
** Since this routine provides support for the tccd OP_ACCESS
** request (among other things) and thus needs to be able to
** receive a mode argument from another system, it will be necessary
** to implement a machine-independent mode transfer mechanism if
** the above assumption is incorrect for a particular system.
*/
int tet_eaccess(path, mode)
char *path;
register int mode;
{
struct STAT_ST stbuf;
uid_t euid;
int rc, rc2;
/*
** first check for things like non-existent file,
** read-only file system etc.
*/
if (ACCESS(path, mode) < 0) {
if (errno != EACCES)
return(-1);
}
else
if ((mode &= 07) == 0)
return(0);
/*
** here if access() succeeded, or failed because of wrong permissions;
** first get the file permissions
*/
if (STAT(path, &stbuf) < 0)
return(-1);
/*
** check the permissions wrt the euid, the egid and the
** supplementary groups list;
** treating root specially (like the kernel does)
*/
rc = 0;
if ((euid = geteuid()) == 0) {
if (!S_ISDIR(stbuf.st_mode) &&
(stbuf.st_mode & 0111) == 0 && (mode & 01))
rc = -1;
}
else if (stbuf.st_uid == euid) {
if (((stbuf.st_mode >> 6) & mode) != mode)
rc = -1;
}
else if (stbuf.st_gid == getegid()) {
if (((stbuf.st_mode >> 3) & mode) != mode)
rc = -1;
}
else {
rc2 = check_grouplist(&stbuf, mode);
switch (rc2) {
case 2:
break;
case 1:
rc = -1;
break;
case 0:
if ((stbuf.st_mode & mode) != mode)
rc = -1;
break;
case -1:
return(-1);
default:
/* "can't happen" */
fatal(0, "check_grouplist() returned unexpected value",
tet_i2a(rc2));
/* NOTREACHED */
return(-1);
}
}
if (rc < 0)
errno = EACCES;
return(rc);
}
/*
** check_grouplist() - check the requested access mode against
** the process's supplementary grouplist
**
** return 2 if a supplementary group matched and group access is allowed
** 1 if a supplementary group matched but group access is
** not allowed
** 0 if no supplementary groups matched
** -1 on error (with errno set)
*/
static int check_grouplist(stp, mode)
struct STAT_ST *stp;
int mode;
{
int errsave, ngids, ngmax;
gid_t *gidp;
static gid_t *gids = (gid_t *) 0;
static int lgids = 0;
/*
** allocate a buffer to hold the supplementary group list;
** we only evaluate NGROUPS_MAX once because on some systems it
** can be a call to sysconf()
*/
ngmax = (int) NGROUPS_MAX;
if (BUFCHK((char **) &gids, &lgids, ngmax * (int) sizeof *gidp) < 0) {
errno = ENOMEM;
return(-1);
}
/*
** get the supplementary group list from the kernel;
** it probably won't change from one invocation of tet_eaccess() to
** the next, but we get it on each call just to be on the safe side
**/
if ((ngids = getgroups(ngmax, gids)) < 0) {
errsave = errno;
error(errno, "can't get supplementary group list", (char *) 0);
errno = errsave;
return(-1);
}
/*
** check the file's group id against each supplementary group;
** if the groups match, see if the requested access permission(s)
** will be granted
*/
for (gidp = gids; gidp < gids + ngids; gidp++)
if (stp->st_gid == *gidp)
return(((stp->st_mode >> 3) & mode) == mode ? 2 : 1);
return(0);
}
|
