summaryrefslogtreecommitdiff
path: root/lib/libc
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2008-06-09 23:38:38 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2008-06-09 23:38:38 +0000
commit6ab91dcac15548bdc6bcffa3890577632f184bfd (patch)
tree8ff9467b7fc42b782aaab7f51a457123319dcb7c /lib/libc
parent12fc9e1c5534a9b647e6974808513f5f34652019 (diff)
Update access(2) to have modern semantics with respect to X_OK and
the superuser. access(2) will now only indicate success for X_OK on non-directories if there is at least one execute bit set on the file. OK deraadt@ thib@ otto@
Diffstat (limited to 'lib/libc')
-rw-r--r--lib/libc/sys/access.224
1 files changed, 16 insertions, 8 deletions
diff --git a/lib/libc/sys/access.2 b/lib/libc/sys/access.2
index b2217493c3c..701b0c923f7 100644
--- a/lib/libc/sys/access.2
+++ b/lib/libc/sys/access.2
@@ -1,4 +1,4 @@
-.\" $OpenBSD: access.2,v 1.12 2007/05/31 19:19:32 jmc Exp $
+.\" $OpenBSD: access.2,v 1.13 2008/06/09 23:38:37 millert Exp $
.\" $NetBSD: access.2,v 1.7 1995/02/27 12:31:44 cgd Exp $
.\"
.\" Copyright (c) 1980, 1991, 1993
@@ -30,7 +30,7 @@
.\"
.\" @(#)access.2 8.2 (Berkeley) 4/1/94
.\"
-.Dd $Mdocdate: May 31 2007 $
+.Dd $Mdocdate: June 9 2008 $
.Dt ACCESS 2
.Os
.Sh NAME
@@ -69,13 +69,20 @@ and the real group access list
(including the real group ID) is
used in place of the effective ID for verifying permission.
.Pp
-Even if a process has appropriate privileges and indicates success for
-.Dv X_OK ,
-the file may not actually have execute permission bits set.
-Likewise for
+If the invoking process has superuser privileges,
+.Fn access
+will always indicate success for
.Dv R_OK
and
-.Dv W_OK .
+.Dv W_OK ,
+regardless of the actual file permission bits.
+Likewise, for
+.Dv X_OK ,
+if the file has any of the execute bits set and
+.Fa path
+is not a directory,
+.Fn
+will indicate success.
.Sh RETURN VALUES
If
.Fa path
@@ -131,4 +138,5 @@ function conforms to
.St -p1003.1-90 .
.Sh CAVEATS
.Fn access
-is a potential security hole and should never be used.
+should never be used for actual access control.
+Doing so can result in a time of check vs. time of use security hole.