mirror/glibc
2
0
Fork 0
mirror of git://sourceware.org/git/glibc.git synced 2025-03-19 13:40:59 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update.

Browse Source 
* manual/filesys.texi (Testing File Access): Correct description of
	SUID.

1999-08025  H.J. Lu  <hjl@gnu.org>

	* csu/defs.awk (.end): Only match with leading white spaces.
	(.align): Likewise.

1999-09-19  Ulrich Drepper  <drepper@cygnus.com>
This commit is contained in:
Ulrich Drepper 1999-09-20 04:59:24 +00:00
parent 1d8004b276
commit 3a4cbb4186
3 changed files with 25 additions and 14 deletions

10
ChangeLog

@ -1,3 +1,13 @@
1999-09-19 Ulrich Drepper <drepper@cygnus.com>
* manual/filesys.texi (Testing File Access): Correct description of
SUID.
1999-08025 H.J. Lu <hjl@gnu.org>
* csu/defs.awk (.end): Only match with leading white spaces.
(.align): Likewise.
1999-09-19 Ulrich Drepper <drepper@cygnus.com> 1999-09-19 Ulrich Drepper <drepper@cygnus.com>
* stdlib/isomac.c: Add va_copy to allowed macros. * stdlib/isomac.c: Add va_copy to allowed macros.

4
csu/defs.awk

@ -1,5 +1,5 @@
/\.end/ { need_end = 1 } /^[ ]*\.end/ { need_end = 1 }
/\.align/ { if($2 > max) max = $2; } /^[ ]*\.align/ { if($2 > max) max = $2; }
END { END {
if(need_end) if(need_end)

25
manual/filesys.texi

@ -2267,19 +2267,20 @@ The file resides on a read-only file system.
@cindex access, testing for @cindex access, testing for
@cindex setuid programs and file access @cindex setuid programs and file access
When a program runs as a privileged user, this permits it to access In some situations it is desirable to allow programs to access files or
files off-limits to ordinary users---for example, to modify devices even if this is not possible with the permissions granted to the
@file{/etc/passwd}. Programs designed to be run by ordinary users but user. One possible solution is to set the setuid-bit of the program
access such files use the setuid bit feature so that they always run file. If such a program is started the @emph{effective} user ID of the
with @code{root} as the effective user ID. process is changed to that of the owner of the program file. So to
allow write access to files like @file{/etc/passwd}, which normally can
be written only by the super-user, the modifying program will have to be
owned by @code{root} and the setuid-bit must be set.
Since the program runs as @code{root}, it has permission to access But beside the files the program is intended to change the user should
whatever file the user specifies---but usually the desired behavior is not be allowed to access any file to which s/he would not have access
to permit only those files which the user could ordinarily access. anyway. The program therefore must explicitly check whether @emph{the
user} would have the necessary access to a file, before it reads or
The program therefore must explicitly check whether @emph{the user} writes the file.
would have the necessary access to a file, before it reads or writes the
file.
To do this, use the function @code{access}, which checks for access To do this, use the function @code{access}, which checks for access
permission based on the process's @emph{real} user ID rather than the permission based on the process's @emph{real} user ID rather than the