search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
(eval, eval7, eval6, eval5, eval4, eval3, eval2, eval1):
[coreutils.git] / lib / euidaccess.c
blob772cf6f1fb1b9d8001743246241be5874050372b
1 /* euidaccess -- check if effective user id can access file
2
3 Copyright (C) 1990, 1991, 1995, 1998, 2000, 2003 Free Software
4 Foundation, Inc.
5
6 This file is part of the GNU C Library.
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2, or (at your option)
11 any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License along
19 with this program; if not, write to the Free Software Foundation,
20 Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
21
22 /* Written by David MacKenzie and Torbjorn Granlund.
23 Adapted for GNU C library by Roland McGrath. */
24
25 #if HAVE_CONFIG_H
26 # include <config.h>
27 #endif
28
29 #ifndef _LIBC
30 # include "euidaccess.h"
31 #endif
32
33 #include <sys/types.h>
34 #include <sys/stat.h>
35
36 #ifdef S_IEXEC
37 # ifndef S_IXUSR
38 # define S_IXUSR S_IEXEC
39 # endif
40 # ifndef S_IXGRP
41 # define S_IXGRP (S_IEXEC >> 3)
42 # endif
43 # ifndef S_IXOTH
44 # define S_IXOTH (S_IEXEC >> 6)
45 # endif
46 #endif /* S_IEXEC */
47
48 #if defined (HAVE_UNISTD_H) || defined (_LIBC)
49 # include <unistd.h>
50 #endif
51
52 #ifdef _POSIX_VERSION
53 # include <limits.h>
54 # if !defined(NGROUPS_MAX) || NGROUPS_MAX < 1
55 # undef NGROUPS_MAX
56 # define NGROUPS_MAX sysconf (_SC_NGROUPS_MAX)
57 # endif /* NGROUPS_MAX */
58
59 #else /* not _POSIX_VERSION */
60 uid_t getuid ();
61 gid_t getgid ();
62 uid_t geteuid ();
63 gid_t getegid ();
64 # include <sys/param.h>
65 # if !defined(NGROUPS_MAX) && defined(NGROUPS)
66 # define NGROUPS_MAX NGROUPS
67 # endif /* not NGROUPS_MAX and NGROUPS */
68 #endif /* not POSIX_VERSION */
69
70 #include <errno.h>
71 #ifndef errno
72 extern int errno;
73 #endif
74 #ifndef __set_errno
75 # define __set_errno(val) errno = (val)
76 #endif
77
78 #if defined(EACCES) && !defined(EACCESS)
79 # define EACCESS EACCES
80 #endif
81
82 #ifndef F_OK
83 # define F_OK 0
84 # define X_OK 1
85 # define W_OK 2
86 # define R_OK 4
87 #endif
88
89 #if !defined (S_IROTH) && defined (R_OK)
90 # define S_IROTH R_OK
91 #endif
92
93 #if !defined (S_IWOTH) && defined (W_OK)
94 # define S_IWOTH W_OK
95 #endif
96
97 #if !defined (S_IXOTH) && defined (X_OK)
98 # define S_IXOTH X_OK
99 #endif
100
101 #ifdef _LIBC
102
103 # define group_member __group_member
104 # define euidaccess __euidaccess
105
106 #else
107
108 /* The user's real user id. */
109 static uid_t uid;
110
111 /* The user's real group id. */
112 static gid_t gid;
113
114 # if HAVE_GETGROUPS
115 int group_member ();
116 # else
117 # define group_member(gid) 0
118 # endif
119
120 #endif
121
122 /* The user's effective user id. */
123 static uid_t euid;
124
125 /* The user's effective group id. */
126 static gid_t egid;
127
128 /* Nonzero if UID, GID, EUID, and EGID have valid values. */
129 static int have_ids;
130
131
132 /* Return 0 if the user has permission of type MODE on file PATH;
133 otherwise, return -1 and set `errno' to EACCESS.
134 Like access, except that it uses the effective user and group
135 id's instead of the real ones, and it does not check for read-only
136 filesystem, text busy, etc. */
137
138 int
139 euidaccess (const char *path, int mode)
140 {
141 struct stat stats;
142 int granted;
143
144 #ifdef _LIBC
145 if (! __libc_enable_secure)
146 /* If we are not set-uid or set-gid, access does the same. */
147 return __access (path, mode);
148 #else
149 if (have_ids == 0)
150 {
151 have_ids = 1;
152 uid = getuid ();
153 gid = getgid ();
154 euid = geteuid ();
155 egid = getegid ();
156 }
157
158 if (uid == euid && gid == egid)
159 /* If we are not set-uid or set-gid, access does the same. */
160 return access (path, mode);
161 #endif
162
163 if (stat (path, &stats))
164 return -1;
165
166 mode &= (X_OK | W_OK | R_OK); /* Clear any bogus bits. */
167 #if R_OK != S_IROTH || W_OK != S_IWOTH || X_OK != S_IXOTH
168 ?error Oops, portability assumptions incorrect.
169 #endif
170
171 if (mode == F_OK)
172 return 0; /* The file exists. */
173
174 #ifdef _LIBC
175 /* Now we need the IDs. */
176 if (have_ids == 0)
177 {
178 have_ids = 1;
179 euid = __geteuid ();
180 egid = __getegid ();
181 }
182 #endif
183
184 /* The super-user can read and write any file, and execute any file
185 that anyone can execute. */
186 if (euid == 0 && ((mode & X_OK) == 0
187 || (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))))
188 return 0;
189
190 if (euid == stats.st_uid)
191 granted = (unsigned) (stats.st_mode & (mode << 6)) >> 6;
192 else if (egid == stats.st_gid || group_member (stats.st_gid))
193 granted = (unsigned) (stats.st_mode & (mode << 3)) >> 3;
194 else
195 granted = (stats.st_mode & mode);
196 if (granted == mode)
197 return 0;
198 __set_errno (EACCESS);
199 return -1;
200 }
201 #undef euidaccess
202 #ifdef weak_alias
203 weak_alias (__euidaccess, euidaccess)
204 #endif
205 \f
206 #ifdef TEST
207 # include <stdio.h>
208 # include <errno.h>
209 # include "error.h"
210
211 char *program_name;
212
213 int
214 main (int argc, char **argv)
215 {
216 char *file;
217 int mode;
218 int err;
219
220 program_name = argv[0];
221 if (argc < 3)
222 abort ();
223 file = argv[1];
224 mode = atoi (argv[2]);
225
226 err = euidaccess (file, mode);
227 printf ("%d\n", err);
228 if (err != 0)
229 error (0, errno, "%s", file);
230 exit (0);
231 }
232 #endif
GNU core utilities