Built-in "test -x" fails for root on FreeBSD

Sat, 27 Mar 2010 07:08:15 -0700 

Configuration Information [Automatically generated, do not change]:
Machine: i686
OS: freebsd7.2
Compiler: i686-gentoo-freebsd7.2-gcc
Compilation CFLAGS: -DPROGRAM='bash' -DCONF_HOSTTYPE='i686' - DCONF_OSTYPE='freebsd7.2' -DCONF_MACHTYPE='i686-gentoo-freebsd7.2' - DCONF_VENDOR='gentoo' -DLOCALEDIR='/usr/share/locale' -DPACKAGE='bash' -DSHELL -DHAVE_CONFIG_H -I. -I. -I./include -I./lib - DDEFAULT_PATH_VALUE='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/ bin:/sbin:/bin' -DSTANDARD_UTILS_PATH='/bin:/usr/bin:/sbin:/usr/sbin' - DSYS_BASHRC='/etc/bash/bashrc' -DSYS_BASH_LOGOUT='/etc/bash/ bash_logout' -DNON_INTERACTIVE_LOGIN_SHELLS -DSSH_SOURCE_BASHRC - march=pentium4 -O2 -pipe -fomit-frame-pointer uname output: FreeBSD life 7.2-RELEASE FreeBSD Gentoo 7.2-r3 #2: Mon Feb 1 20:13:21 CST 2010 hat...@life:/usr/src/sys-7.2-r3/i386/ compile/LIFE i386 
Machine Type: i686-gentoo-freebsd7.2

Bash Version: 4.1
Patch Level: 2
Release Status: release

Description:
  The bash built-in test command fails to correctly report executable
  status for non-executable files when run by root on FreeBSD.  On
  FreeBSD, bash calls eaccess(2) to find the executable status, but
  according to the man page "even if a process's real or effective user
has appropriate privileges and indicates success for X_OK, the file may 
  not actually have execute permission bits set". The attached patch is
  based on source from FreeBSD's stand-alone test,
  http://www.freebsd.org/cgi/cvsweb.cgi/src/bin/test/test.c.

Repeat-By:
  su -
  bash
  test -x /etc/passwd && echo "is executable"

Fix:
--- lib/sh/eaccess.c.orig       2010-02-03 21:26:08 -0600
+++ lib/sh/eaccess.c    2010-02-03 21:56:32 -0600
@@ -198,11 +198,19 @@
      char *path;
      int mode;
 {
+  struct stat s;
+  int ret;
+
   if (path_is_devfd (path))
     return (sh_stataccess (path, mode));

 #if defined (HAVE_EACCESS)             /* FreeBSD */
-  return (eaccess (path, mode));
+  if (stat (path, &s) != 0)
+    return (-1);
+  ret = eaccess (path, mode);
+ if (mode == X_OK && ret == 0 && !S_ISDIR(s.st_mode) && geteuid() == 0) 
+    return ((s.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0 ? -1 : 0);
+  return (ret);
 #elif defined (EFF_ONLY_OK)            /* SVR4(?), SVR4.2 */
   return access (path, mode|EFF_ONLY_OK);
 #else

Reply via email to