Renaat Debaene
|
access() not behaving as expected
|
Renaat Debaene
06/20/2023 5:26 AM
post122327
|
access() not behaving as expected
The POSIX call access() seems to behave not as expected on QNX. According to the doc, access() uses the *real* user ID
to check if a file can be accessed. The Linux call effectively does this. But on QNX, it seems to use the *effective*
user ID.
Test environment: QNX 7.1.0
Setup (a file only readable by root, 2 versions of the tool readable, one suid, one not) (the tool readable is the
example from the access() documentation with some printf() statements for the different IDs):
$ ls -al
total 55
drwxr-xr-x 2 root root 4096 Jun 12 01:36 .
drwxr-xr-x 6 root root 4096 Jun 12 01:36 ..
-rw------- 1 root root 74 Jun 12 01:36 data
-rwxr-xr-x 1 root root 9696 Jun 12 01:31 readable
-rwsr-xr-x 1 root root 9696 Jun 12 01:35 readable_suid
Test output:
$ ./readable data
geteuid(): 1000 - effective user ID
getegid(): 4004 - effective group ID
getuid(): 1000 - user ID
getgid(): 4004 - group ID
data: Permission denied
=> as expected
$ ./readable_suid data
geteuid(): 0 - effective user ID
getegid(): 4004 - effective group ID
getuid(): 1000 - user ID
getgid(): 4004 - group ID
ok to read data
=> The last response ("ok to read data") is unexpected because the code is running with real user ID 1000. When doing a
similar test on Linux, I get "permission denied".
Is my understanding of access() wrong, or is this a bug in QNX or my configuration?
|
|
|