Gitiles
Code Review Sign In
192.168.1.100 / T106_DC / db4f43f0150836941f56a4d2e2923f7182328607 / . / ap / libc / glibc / glibc-2.22 / sysdeps / posix / euidaccess.c
blob: 15340572c33c8c452f3803761b48e124a164e004 [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]1/* Check if effective user id can access file
2 Copyright (C) 1990-2015 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
9
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <http://www.gnu.org/licenses/>. */
18
19/* Written by David MacKenzie and Torbjorn Granlund.
20 Adapted for GNU C library by Roland McGrath. */
21
22#ifdef HAVE_CONFIG_H
23# include <config.h>
24#endif
25
26#include <sys/types.h>
27#include <sys/stat.h>
28
29#ifdef S_IEXEC
30# ifndef S_IXUSR
31# define S_IXUSR S_IEXEC
32# endif
33# ifndef S_IXGRP
34# define S_IXGRP (S_IEXEC >> 3)
35# endif
36# ifndef S_IXOTH
37# define S_IXOTH (S_IEXEC >> 6)
38# endif
39#endif /* S_IEXEC */
40
41#if defined HAVE_UNISTD_H || defined _LIBC
42# include <unistd.h>
43#endif
44
45#ifndef _POSIX_VERSION
46uid_t getuid ();
47gid_t getgid ();
48uid_t geteuid ();
49gid_t getegid ();
50#endif /* not POSIX_VERSION */
51
52#include <errno.h>
53#ifndef errno
54extern int errno;
55#endif
56#ifndef __set_errno
57# define __set_errno(val) errno = (val)
58#endif
59
60#if defined EACCES && !defined EACCESS
61# define EACCESS EACCES
62#endif
63
64#ifndef F_OK
65# define F_OK 0
66# define X_OK 1
67# define W_OK 2
68# define R_OK 4
69#endif
70
71#if !defined S_IROTH && defined R_OK
72# define S_IROTH R_OK
73#endif
74#if !defined S_IWOTH && defined W_OK
75# define S_IWOTH W_OK
76#endif
77#if !defined S_IXOTH && defined X_OK
78# define S_IXOTH X_OK
79#endif
80
81
82#ifdef _LIBC
83
84# define group_member __group_member
85# define euidaccess __euidaccess
86
87#else
88
89/* The user's real user id. */
90static uid_t uid;
91
92/* The user's real group id. */
93static gid_t gid;
94
95/* The user's effective user id. */
96static uid_t euid;
97
98/* The user's effective group id. */
99static gid_t egid;
100
101/* Nonzero if UID, GID, EUID, and EGID have valid values. */
102static int have_ids;
103
104# ifdef HAVE_GETGROUPS
105int group_member ();
106# else
107# define group_member(gid) 0
108# endif
109
110#endif
111
112
113/* Return 0 if the user has permission of type MODE on file PATH;
114 otherwise, return -1 and set `errno' to EACCESS.
115 Like access, except that it uses the effective user and group
116 id's instead of the real ones, and it does not check for read-only
117 filesystem, text busy, etc. */
118
119int
120euidaccess (path, mode)
121 const char *path;
122 int mode;
123{
124 struct stat64 stats;
125 int granted;
126
127#ifdef _LIBC
128 uid_t euid;
129 gid_t egid;
130#else
131 if (have_ids == 0)
132 {
133 have_ids = 1;
134 uid = getuid ();
135 gid = getgid ();
136 euid = geteuid ();
137 egid = getegid ();
138 }
139
140 if (uid == euid && gid == egid)
141 /* If we are not set-uid or set-gid, access does the same. */
142 return access (path, mode);
143#endif
144
145 if (stat64 (path, &stats))
146 return -1;
147
148 mode &= (X_OK | W_OK | R_OK); /* Clear any bogus bits. */
149#if R_OK != S_IROTH || W_OK != S_IWOTH || X_OK != S_IXOTH
150 ?error Oops, portability assumptions incorrect.
151#endif
152
153 if (mode == F_OK)
154 return 0; /* The file exists. */
155
156#ifdef _LIBC
157 /* Now we need the IDs. */
158 euid = __geteuid ();
159 egid = __getegid ();
160
161 if (__getuid () == euid && __getgid () == egid)
162 /* If we are not set-uid or set-gid, access does the same. */
163 return __access (path, mode);
164#endif
165
166 /* The super-user can read and write any file, and execute any file
167 that anyone can execute. */
168 if (euid == 0 && ((mode & X_OK) == 0
169 || (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))))
170 return 0;
171
172 if (euid == stats.st_uid)
173 granted = (unsigned int) (stats.st_mode & (mode << 6)) >> 6;
174 else if (egid == stats.st_gid || group_member (stats.st_gid))
175 granted = (unsigned int) (stats.st_mode & (mode << 3)) >> 3;
176 else
177 granted = (stats.st_mode & mode);
178 /* XXX Add support for ACLs. */
179 if (granted == mode)
180 return 0;
181 __set_errno (EACCESS);
182 return -1;
183}
184#undef euidaccess
185#undef eaccess
186#ifdef weak_alias
187weak_alias (__euidaccess, euidaccess)
188weak_alias (__euidaccess, eaccess)
189#endif
190
191#ifdef TEST
192# include <stdio.h>
193# include <errno.h>
194# include "error.h"
195
196char *program_name;
197
198int
199main (argc, argv)
200 int argc;
201 char **argv;
202{
203 char *file;
204 int mode;
205 int err;
206
207 program_name = argv[0];
208 if (argc < 3)
209 abort ();
210 file = argv[1];
211 mode = atoi (argv[2]);
212
213 err = euidaccess (file, mode);
214 printf ("%d\n", err);
215 if (err != 0)
216 error (0, errno, "%s", file);
217 exit (0);
218}
219#endif