Menu
▾
▴
[Bacula-devel] [PATCH] find_one_file: Remove unreliable and redundant access(2) directory check
|
From: Dmitry V. L. <ld...@al...> - 2009-09-17 22:59:27
|
>From one side, access(2) is not reliable by definition. According to
specification, access(2) uses process's real UID and GID instead of
effective IDs, and it ignores process capabilities. Consequently,
privileged process with unprivileged real IDs should not use access(2)
to check its access to files.
>From another side, the access(2) directory check looks redundant
because the directory is opened right below using opendir(3).
---
I checked the source to ensure that FT_NOOPEN is handled the same way
as FT_NOACCESS, so this change should not break things due to changes
in code paths.
bacula/src/findlib/find_one.c | 18 ------------------
1 files changed, 0 insertions(+), 18 deletions(-)
diff --git a/bacula/src/findlib/find_one.c b/bacula/src/findlib/find_one.c
index 36cfa6c..2e63855 100644
--- a/bacula/src/findlib/find_one.c
+++ b/bacula/src/findlib/find_one.c
@@ -559,24 +559,6 @@ find_one_file(JCR *jcr, FF_PKT *ff_pkt,
bool volhas_attrlist = ff_pkt->volhas_attrlist; /* Remember this if we recurse */
/*
- * If we are using Win32 (non-portable) backup API, don't check
- * access as everything is more complicated, and
- * in principle, we should be able to access everything.
- */
- if (!have_win32_api() || (ff_pkt->flags & FO_PORTABLE)) {
- if (access(fname, R_OK) == -1 && geteuid() != 0) {
- /* Could not access() directory */
- ff_pkt->type = FT_NOACCESS;
- ff_pkt->ff_errno = errno;
- rtn_stat = handle_file(jcr, ff_pkt, top_level);
- if (ff_pkt->linked) {
- ff_pkt->linked->FileIndex = ff_pkt->FileIndex;
- }
- return rtn_stat;
- }
- }
-
- /*
* Ignore this directory and everything below if the file .nobackup
* (or what is defined for IgnoreDir in this fileset) exists
*/
--
1.6.4.4
--
ldv
|