Bug 222177 - File::writable? gives incorrect result if process changes euid/egid
Summary: File::writable? gives incorrect result if process changes euid/egid
Keywords:
Status: CLOSED DEFERRED
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: ruby
Version: 5.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Akira TAGOH
QA Contact: Bill Huang
URL:
Whiteboard:
Depends On:
Blocks: 229475
TreeView+ depends on / blocked
 
Reported: 2007-01-10 19:09 UTC by David Lutterkort
Modified: 2013-04-30 23:40 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-06-05 20:43:42 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
Ruby script demonstrating the problem (run as root) (645 bytes, text/plain)
2007-01-10 19:09 UTC, David Lutterkort
no flags Details

Description David Lutterkort 2007-01-10 19:09:33 UTC
When a ruby script running as root changes euid/egid, the results of
File::writable?(f) and File::stat(f).writable? will differ because one uses
glibc's eaccess while the other doesn't (and File::writable? is wrong). The
attached program demonstrates the problem.

This bug is ultimately caused by a bug in glibc's eaccess
(http://sourceware.org/bugzilla/show_bug.cgi?id=3846) but it's a separate
regression in ruby-1.8.5 (compared to earlier versions of the ruby RPM) since
the ruby-1.8.5 rpm's now use eaccess where older ones used ruby's own code to
simulate eaccess.

A simple fix would be to build ruby w/o HAVE_EACCESS as it has been build in the
past until the glibc bug is fixed.

Comment 1 David Lutterkort 2007-01-10 19:09:33 UTC
Created attachment 145276 [details]
Ruby script demonstrating the problem (run as root)

Comment 2 RHEL Program Management 2007-06-05 20:43:42 UTC
This request was evaluated by Red Hat Product Management for
inclusion in a Red Hat Enterprise Linux release.  Since this
bugzilla is in a component that is not approved for the current
release, it has been closed with resolution deferred.  You may
reopen this bugzilla for consideration in the next release.


Note You need to log in before you can comment on or make changes to this bug.