|Summary:||/etc/profile incorrectly checks for executable bit|
|Product:||[Retired] Red Hat Linux||Reporter:||Philip Rowlands <phr>|
|Component:||setup||Assignee:||Bill Nottingham <notting>|
|Status:||CLOSED RAWHIDE||QA Contact:||David Lawrence <dkl>|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2001-04-18 02:01:02 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Philip Rowlands 2001-04-11 22:07:18 UTC
/etc/profile contains the following lines: for i in /etc/profile.d/*.sh ; do if [ -x $i ]; then . $i fi done The test should be for read (-r) rather than execute (-x), because source'ing a file reads it. While you're at it, could you also fix /etc/csh.cshrc to use "-r" for this test?
Comment 1 Trond Eivind Glomsrxd 2001-04-17 21:44:42 UTC
That's not a bug, it's just an easy way to turn it off :)
Comment 2 Philip Rowlands 2001-04-18 02:00:57 UTC
I would respectfully suggest that there are other ways to turn it off without requiring this broken behaviour (e.g rename to *.sh.x). It is a bug because it's no guard against the conditional action successfully reading the file (ditto for csh.cshrc). Being able to execve() a file is not the same as being able to open() it. I'm not reporting this to be pedantic; I've seen RPMs packaged by people who thought that a script file which is sourced needs read permissions; no more.
Comment 3 Bill Nottingham 2001-06-12 20:14:32 UTC
Will be fixed in 2.4.11-1; thanks!