From 20ef6c7b9cd338fc8bfc3cc5221fb811b297f6bf Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Sat, 1 Dec 2007 10:10:52 +0100 Subject: [PATCH] Add a test for cp -p and existing file permissions. * tests/cp/Makefile.am (TESTS): Add existing-perm-race. * tests/cp/existing-perm-race: New test. It isn't much of a test yet, since it's hard to catch the race, but it has a FIXME that will let us do a better test later. --- ChangeLog | 8 ++++ tests/cp/Makefile.am | 1 + tests/cp/existing-perm-race | 94 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100644 tests/cp/existing-perm-race diff --git a/ChangeLog b/ChangeLog index f662660..83ca215 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2007-11-29 Paul Eggert + + Add a test for cp -p and existing file permissions. + * tests/cp/Makefile.am (TESTS): Add existing-perm-race. + * tests/cp/existing-perm-race: New test. It isn't much of a + test yet, since it's hard to catch the race, but it has a FIXME + that will let us do a better test later. + 2007-11-28 Paul Eggert Fix a security race with "cp -p A B" when B already exists. diff --git a/tests/cp/Makefile.am b/tests/cp/Makefile.am index 159b93a..4af269c 100644 --- a/tests/cp/Makefile.am +++ b/tests/cp/Makefile.am @@ -21,6 +21,7 @@ TESTS = \ thru-dangling \ cp-a-selinux \ file-perm-race parent-perm-race \ + existing-perm-race \ backup-dir \ src-base-dot \ sparse \ diff --git a/tests/cp/existing-perm-race b/tests/cp/existing-perm-race new file mode 100644 index 0000000..11f38d2 --- /dev/null +++ b/tests/cp/existing-perm-race @@ -0,0 +1,94 @@ +#!/bin/sh +# Make sure cp -p isn't too generous with existing file permissions. + +# Copyright (C) 2006-2007 Free Software Foundation, Inc. + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +if test "$VERBOSE" = yes; then + set -x + cp --version +fi + +. $srcdir/../group-names +. $srcdir/../test-lib.sh + +set _ $groups; shift +g1=$1 +g2=$2 + +fail=0 + +umask 077 +mkfifo fifo || { + echo "$0: fifos not supported; skipping this test." 1>&2 + (exit 77); exit 77 +} + +touch fifo-copy && +chgrp $g1 fifo && +chgrp $g2 fifo-copy && +chmod g+r fifo-copy || framework-failure + +# Copy a fifo's contents. That way, we can examine the +# destination permissions before they're finalized. +cp -p --copy-contents fifo fifo-copy & +cp_pid=$! + +( + # Now 'cp' is reading the fifo. Wait for the destination file to + # be written to, encouraging things along by echoing to the fifo. + while test ! -s fifo-copy; do + echo foo + done + + # Check the permissions of the destination. + ls -l -n fifo-copy >ls.out && + + # Close the fifo so that "cp" can continue. But output first, + # before exiting, otherwise some shells would optimize away the file + # descriptor that holds the fifo open. + echo foo +) >fifo || fail=1 + +# Check that the destination mode is safe while the file is being copied. +read mode links owner group etc ls.out && +read mode links owner group etc