Daniel Webb wrote:
> On Wed, Apr 12, 2006 at 07:51:53PM +1000, Nathan Scott wrote:
>
> > Please do... actions speak a lot louder than words.
>
> [I'm CCing security because I already wrote them about this]
>
> I've never used any of these libraries, so bear with me...
>
> (looking at the Debian stable version)
>
> setfacl.c line 341:
>
>     if (nftw(file, __do_set, 0, opt_walk_physical * FTW_PHYS) < 0) {
>
> this is the tree walk function described by 'man nftw', so seems pretty
> straightforward... the __do_set function called by nftw as it walks the tree
> has:
>
>     if (S_ISLNK(stat->st_mode) &&
>         (opt_walk_physical || (ftw->level > 0 && !opt_walk_logical)))
>             return 0;

If I understand correctly, this fails to return 0 in the following case:

    S_ISLNK = true
    opt_walk_physical = false (default)
    opt_walk_logical = true (default) || ftw->level <= 0

My guess is that the documentation is wrong. Or maybe the following code
was intended:

    if (S_ISLNK(stat->st_mode) &&
        (opt_walk_physical || (ftw->level > 0 && opt_walk_logical)))
            return 0;
    //                                           ^

> but I stuck a printf before that line which shows that S_ISLNK(stat->st_mode)
> is always returning 0, even when the file is in fact a symlink. So either
> this is actually a bug in nftw(), or I don't properly understand how nftw is
> supposed to be used. I don't see anything wrong with the setfacl code.

Maybe nftw uses stat() instead of lstat()? In that case, the S_ISLNK()
macro is useless and setfacl needs to call lstat on its own.

> I'll see if I can dig into nftw() tomorrow if someone else who knows what
> they're doing hasn't already figured this out by then.

Any progress?

Regards,

    Joey

-- 
Long noun chains don't automatically imply security. -- Bruce Schneier

Please always Cc to me when replying to me on the lists.
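
Added example (not part of the original message and not setfacl's code): a small C program that checks what the stat buffer handed to an nftw() callback says about a symlink, once with flags 0 (what `opt_walk_physical * FTW_PHYS` evaluates to when opt_walk_physical is false) and once with FTW_PHYS. The temporary tree and the names cb, links_seen and count_symlinks_seen are constructed for the illustration.

```c
#define _XOPEN_SOURCE 700   /* needed for nftw(), mkdtemp(), symlink() */
#include <ftw.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

static int links_seen;      /* entries whose stat buffer says "symlink" */

/* Callback in the style of __do_set: it only looks at the stat buffer. */
static int cb(const char *path, const struct stat *st, int flag, struct FTW *ftw)
{
    (void)path; (void)flag; (void)ftw;
    if (S_ISLNK(st->st_mode))
        links_seen++;
    return 0;
}

/* Build <tmp>/target and <tmp>/link -> target (constructed sample tree),
 * walk it with the given nftw flags, and return how many entries had
 * S_ISLNK() true inside the callback. Returns -1 on any failure. */
int count_symlinks_seen(int flags)
{
    char dir[] = "/tmp/nftw-demo-XXXXXX", target[64], lnk[64];
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    FILE *f = fopen(target, "w");
    if (!f) return -1;
    fclose(f);
    if (symlink("target", lnk) != 0) return -1;   /* non-dangling link */

    links_seen = 0;
    int rc = nftw(dir, cb, 8, flags);

    unlink(lnk); unlink(target); rmdir(dir);      /* clean up the tree */
    return rc < 0 ? -1 : links_seen;
}

int main(void)
{
    /* Logical walk: nftw() follows the link, so the buffer describes the target. */
    printf("flags=0        S_ISLNK hits: %d\n", count_symlinks_seen(0));
    /* Physical walk: nftw() does not follow the link, so the buffer describes it. */
    printf("flags=FTW_PHYS S_ISLNK hits: %d\n", count_symlinks_seen(FTW_PHYS));
    return 0;
}
```

A callback that has to recognise symlinks during a logical walk cannot rely on the buffer nftw() passes in; it needs its own lstat() on the path, as suggested in the reply above.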