Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > gnu.bash.bug > #14739

Re: [minor] umask 400 causes here-{doc,string} failure

Path csiph.com!fu-berlin.de!usenet.stanford.edu!not-for-mail
From Martijn Dekker <martijn@inlv.org>
Newsgroups gnu.bash.bug
Subject Re: [minor] umask 400 causes here-{doc,string} failure
Date Sun, 28 Oct 2018 22:05:15 +0000
Lines 58
Approved bug-bash@gnu.org
Message-ID <mailman.2970.1540764342.1284.bug-bash@gnu.org> (permalink)
References <20180311151742.GB6450@chaz.gmail.com> <d86f6764-bc53-834b-0ce2-ad3155e108a8@iki.fi>
NNTP-Posting-Host lists.gnu.org
Mime-Version 1.0
Content-Type text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding 7bit
X-Trace usenet.stanford.edu 1540764342 25027 208.118.235.17 (28 Oct 2018 22:05:42 GMT)
X-Complaints-To action@cs.stanford.edu
Cc Ilkka Virta <itvirta@iki.fi>, Stephane Chazelas <stephane.chazelas@gmail.com>
To Bug reports for the GNU Bourne Again SHell <bug-bash@gnu.org>
Envelope-to bug-bash@gnu.org
User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
In-Reply-To <d86f6764-bc53-834b-0ce2-ad3155e108a8@iki.fi>
Content-Language en-GB
X-detected-operating-system by eggs.gnu.org: GNU/Linux 3.x
X-Received-From 37.59.109.123
X-BeenThere bug-bash@gnu.org
X-Mailman-Version 2.1.21
Precedence list
List-Id Bug reports for the GNU Bourne Again SHell <bug-bash.gnu.org>
List-Unsubscribe <https://lists.gnu.org/mailman/options/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=unsubscribe>
List-Archive <http://lists.gnu.org/archive/html/bug-bash/>
List-Post <mailto:bug-bash@gnu.org>
List-Help <mailto:bug-bash-request@gnu.org?subject=help>
List-Subscribe <https://lists.gnu.org/mailman/listinfo/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=subscribe>
Xref csiph.com gnu.bash.bug:14739

Show key headers only | View raw

Op 11-03-18 om 17:31 schreef Ilkka Virta:
> On 11.3. 17:17, Stephane Chazelas wrote:
>> $ bash -c 'umask 400; cat <<< test'
>> bash: cannot create temp file for here-document: Permission denied
> 
>> Those shells use temporary files to store the content of the
>> here-documents as the Bourne shell initially did, and open them
>> in read-only mode to make it cat's stdin.
>>
>> When umask contains the 0400 bit, the file is created without
>> read permission to the user, hence the error upon that second
>> open().
>> I can think of several ways to address it:
>>
>> 1- do nothing and blame the user
>> 2- open the file only once for both
>> writing the content and making it the command's stdin
>> 3. use a pipe instead of a temp file
>> 4. Reset the umask temporarily to 077
> 
> One more came to mind:
> 
> 5. manually chmod() the tempfile to 0400 or 0600 if the open() for 
> reading fails with EACCES, and then retry. Should be doable with a 
> localized change to that particular error condition, without changing 
> the overall behaviour.

Unless I'm missing something, there should be no reason for an internal 
temp file to have any permissions other than 0600 (user 
readable/writable), so it seems to me that an fchmod call straight after 
creating the file and before returning the fd is the simplest way of 
fixing the bug; this makes the permissions of internal temp files 
entirely independent of the umask.

diff --git a/lib/sh/tmpfile.c b/lib/sh/tmpfile.c
index e41e45b..1805cdf 100644
--- a/lib/sh/tmpfile.c
+++ b/lib/sh/tmpfile.c
@@ -203,7 +203,6 @@ sh_mktmpfd (nameroot, flags, namep)
      }
    if (namep)
      *namep = filename;
-  return fd;
  #else /* !USE_MKSTEMP */
    sh_seedrand ();
    do
@@ -224,8 +223,9 @@ sh_mktmpfd (nameroot, flags, namep)
    else
      free (filename);

-  return fd;
  #endif /* !USE_MKSTEMP */
+  fchmod(fd, S_IRUSR | S_IWUSR);
+  return fd;
  }

  FILE *

Back to gnu.bash.bug | Previous | Next | Find similar | Unroll thread

Thread

Re: [minor] umask 400 causes here-{doc,string} failure Martijn Dekker <martijn@inlv.org> - 2018-10-28 22:05 +0000

csiph-web