Bugzilla – Bug 151
flaw in primary group handling - unable to FAM files in some directories
Last modified: 2002-07-15 18:50:44 CDT
A problem we noticed recently in IRIX seems to be related to the bug referenced at the above URL. When trying to FAM a directory the user should be able to read because he/she belongs to a group that has read and execute permissions on the directory, the user only gets an Exists and EndExist event because the user is denied permission. For instance, on this directory: drwxr-x--- jim users /users/shared logged in as "bob" who is a member or group "users". Bob will only get a Exists and EndExist event, instead of events for every file inside /users/shared. If the FAM daemon is running in debug mode, we notice: fam[xxxx]: can't chdir("/users/shared"): Permission denied
I've merged the IRIX groups code that we've been working on. This should fix the problem.
This bug also makes it possible to learn names of files in root's group in some instances as follows: ---------------------------------------- # ls -ld /root drwxr-x--- ... root root ... /root # fam % groups | grep root ERRONEOUS BEHAVIOR % ./test -d /root FAMMonitorDirectory("/root") FAMMonitorDirectory("/root") DIR /root: /root Exists DIR /root: .gnome Exists DIR /root: Desktop Exists ... CORRECT BEHAVIOR % ./test -d /root FAMMonitorDirectory("/root") FAMMonitorDirectory("/root") DIR /root: /root Exists DIR /root: /root EndExist ---------------------------------------- (% indicates a command run as an unprivileged user)
Created attachment 35 [details] differences between Cred.c++ from 2.6.6 to 2.6.8 - biggest part of the required fix
Created attachment 36 [details] differences between Cred module in 2.6.6 and 2.6.8 - should contain all required changes