Path: csiph.com!fu-berlin.de!usenet.stanford.edu!not-for-mail
From: Martijn Dekker <martijn@inlv.org>
Newsgroups: gnu.bash.bug
Subject: Re: [minor] umask 400 causes here-{doc,string} failure
Date: Sun, 28 Oct 2018 22:05:15 +0000
Lines: 58
Approved: bug-bash@gnu.org
Message-ID: <mailman.2970.1540764342.1284.bug-bash@gnu.org>
References: <20180311151742.GB6450@chaz.gmail.com> <d86f6764-bc53-834b-0ce2-ad3155e108a8@iki.fi>
NNTP-Posting-Host: lists.gnu.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: usenet.stanford.edu 1540764342 25027 208.118.235.17 (28 Oct 2018 22:05:42 GMT)
X-Complaints-To: action@cs.stanford.edu
Cc: Ilkka Virta <itvirta@iki.fi>, Stephane Chazelas <stephane.chazelas@gmail.com>
To: Bug reports for the GNU Bourne Again SHell <bug-bash@gnu.org>
Envelope-to: bug-bash@gnu.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
In-Reply-To: <d86f6764-bc53-834b-0ce2-ad3155e108a8@iki.fi>
Content-Language: en-GB
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x
X-Received-From: 37.59.109.123
X-BeenThere: bug-bash@gnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: Bug reports for the GNU Bourne Again SHell <bug-bash.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/bug-bash/>
List-Post: <mailto:bug-bash@gnu.org>
List-Help: <mailto:bug-bash-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-bash>, <mailto:bug-bash-request@gnu.org?subject=subscribe>
Xref: csiph.com gnu.bash.bug:14739

Op 11-03-18 om 17:31 schreef Ilkka Virta:
> On 11.3. 17:17, Stephane Chazelas wrote:
>> $ bash -c 'umask 400; cat <<< test'
>> bash: cannot create temp file for here-document: Permission denied
> 
>> Those shells use temporary files to store the content of the
>> here-documents as the Bourne shell initially did, and open them
>> in read-only mode to make it cat's stdin.
>>
>> When umask contains the 0400 bit, the file is created without
>> read permission to the user, hence the error upon that second
>> open().
>> I can think of several ways to address it:
>>
>> 1- do nothing and blame the user
>> 2- open the file only once for both
>> writing the content and making it the command's stdin
>> 3. use a pipe instead of a temp file
>> 4. Reset the umask temporarily to 077
> 
> One more came to mind:
> 
> 5. manually chmod() the tempfile to 0400 or 0600 if the open() for 
> reading fails with EACCES, and then retry. Should be doable with a 
> localized change to that particular error condition, without changing 
> the overall behaviour.

Unless I'm missing something, there should be no reason for an internal 
temp file to have any permissions other than 0600 (user 
readable/writable), so it seems to me that an fchmod call straight after 
creating the file and before returning the fd is the simplest way of 
fixing the bug; this makes the permissions of internal temp files 
entirely independent of the umask.

diff --git a/lib/sh/tmpfile.c b/lib/sh/tmpfile.c
index e41e45b..1805cdf 100644
--- a/lib/sh/tmpfile.c
+++ b/lib/sh/tmpfile.c
@@ -203,7 +203,6 @@ sh_mktmpfd (nameroot, flags, namep)
      }
    if (namep)
      *namep = filename;
-  return fd;
  #else /* !USE_MKSTEMP */
    sh_seedrand ();
    do
@@ -224,8 +223,9 @@ sh_mktmpfd (nameroot, flags, namep)
    else
      free (filename);

-  return fd;
  #endif /* !USE_MKSTEMP */
+  fchmod(fd, S_IRUSR | S_IWUSR);
+  return fd;
  }

  FILE *