X-Recipient:	archive-cygwin AT delorie DOT com
X-Spam-Check-By:	sourceware.org
Date:	Mon, 10 Aug 2009 18:40:57 +0200
From:	Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To:	cygwin AT cygwin DOT com
Cc:	Reini Urban <rurban AT x-ray DOT at>
Subject:	Perl bug (was Re: [1.7] cygwin allows writing to readonly files)
Message-ID:	<20090810164057.GV3204@calimero.vinschen.de>
Reply-To:	cygwin AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com, Reini Urban <rurban AT x-ray DOT at>
References:	<e2480c70908100619m906f5dfj794823f22c7604bc AT mail DOT gmail DOT com> <20090810132515 DOT GP3204 AT calimero DOT vinschen DOT de> <e2480c70908100911j520101cftbaf4dc3eb08b109e AT mail DOT gmail DOT com>
MIME-Version:	1.0
In-Reply-To:	<e2480c70908100911j520101cftbaf4dc3eb08b109e@mail.gmail.com>
User-Agent:	Mutt/1.5.19 (2009-02-20)
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Unsubscribe:	<mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com

On Aug 10 20:11, Alexey Borzenkov wrote:
> On Mon, Aug 10, 2009 at 5:25 PM, Corinna
> Vinschen<corinna-cygwin AT cygwin DOT com> wrote:
> > That's a bug in your testsuite.  I assume you're running the tests as
> > administrator, right?  Administrators have the right to write to all
> > files, even R/O files, according to POSIX rules.  Your test would fail
> > on Linux as well, if you're running it as root.
> 
> Well, it's not my testsuite, but yes, I'm running under administrator
> account. But it makes me wonder, how does it work? Do you change ACLs
> temporarily?

No.  It's a "user privileges" thingy.  See
http://msdn.microsoft.com/en-us/library/aa379306%28VS.85%29.aspx

The SE_BACKUP_NAME and SE_RESTORE_NAME privileges are in the
administrator's user token, but they are not enabled by default.  Cygwin
just enables them at startup time, if they are available in the user
token.  Therefore, a Cygwin process has the usual POSIX-like permissions
for admin users.  It's no magic which isn't available to any other
native Win32 application.

> Anyway, it means there is a bug in perl, because on Linux:
> 
> root AT kitsu:~# touch test.txt
> root AT kitsu:~# chmod 0444 test.txt
> root AT kitsu:~# perl -e 'print "writable\n" if -w "test.txt"'
> writable
> 
> On Cygwin 1.7 perl thinks that the file is not writable.

Indeed.  Checking with strace I found that the test is the same on Linux
and Cygwin.  In both cases perl uses stat(), and the returned permissions
are the same (0444).  Further experimenting shows that perl has a
hardcoded uid == 0 test which must obviously fail on Cygwin.  If I change
the user's uid to 0, the string "writable" is printed by the above command.

That's a bug in perl.  There are other OSes out there which have
root-like permissions for non-0 uids.  Perl should use the access()
function to check for read/write/execute permissions, which always
returns the correct result independent of the uid of the current user.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -