Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site elsie.UUCP Path: utzoo!watmath!clyde!burl!ulysses!mhuxl!ihnp4!zehntel!hplabs!hao!seismo!umcp-cs!cvl!elsie!ado From: ado@elsie.UUCP (Arthur David Olson) Newsgroups: net.bugs.4bsd Subject: chmod fails to tell about bum arguments under 4.1bsd (with fix)-REPOST Message-ID: <1212@elsie.UUCP> Date: Fri, 14-Sep-84 19:00:43 EDT Article-I.D.: elsie.1212 Posted: Fri Sep 14 19:00:43 1984 Date-Received: Tue, 25-Sep-84 02:30:37 EDT Organization: NIH-LEC, Bethesda, MD Lines: 55 Defendant-- /sys/sys/sy4.c Charge-- The "chmod" function in /sys/sys/sys4.c fails to let the invoking process know about bum arguments. Evidence-- As a "normal" (as distinct from "super") user type: cp /dev/null testing123 chmod +t testing123 chmod 60666 testing123 The first chmod command asks for the sticky bit to be set, which only the super user is supposed to be able to do. The sticky bit is not set--but no diagnostic is produced. The second chmod command tries to set a nonsensical mode. The nonsense bits are silently ignored. Verdict-- Not guilty by reason of insanity. Sentence-- Here are the lines that show how to fix "/sys/sys/sys4.c": #ifdef OLDVERSION ip->i_mode &= ~07777; if (u.u_uid) uap->fmode &= ~ISVTX; ip->i_mode |= uap->fmode&07777; ip->i_flag |= ICHG; #else if ((uap->fmode & ~07777) != 0 && (uap->fmode & ~07777) != (ip->i_mode & ~07777)) u.u_error = EINVAL; else if (u.u_uid && (uap->fmode & ISVTX) != 0) u.u_error = EPERM; else { ip->i_mode &= ~07777; ip->i_mode |= uap->fmode & 07777; ip->i_flag |= ICHG; } #endif The fix is done in such a way that code like: #include#include main() { struct stat s; stat("testing123", &s); chmod("testing123", s.st_mode | 01); } -- ...decvax!seismo!umcp-cs!elsie!ado (301) 496-5688 (DEC, VAX and Elsie are Digital Equipment Corp. and Borden's trademarks)