Front page | perl.vmsperl |
Postings from January 2002
At 02:06 PM 1/30/2002 -0500, Dan Sugalski wrote: >At 11:55 AM -0600 1/30/02, Craig A. Berry wrote: >>So there may well be 2 bugs here, one related to getting the wrong error >>when we don't have privileges and one related to not getting access when we >>do have privs. It appears not to be opendir per se, but the access checking >>routine, this based on the fact that the directory is not considered >>readable even when BYPASS is enabled: > >I think it's stat()'s fault. Hmm. If I don't have privs to read the directory, then stat() tells me it is not a directory. So, yes, that appears to be a problem with stat(). Perhaps in Perl_opendir() we should check access first and only attempt to determine if it's a directory after that. If I do have privs to read the directory but only because I have SETPRV and have enabled BYPASS, then sys$check_access in cando_by_name() returns SS$_NOPRIV. It probably just uses the default priv mask in the UAF and doesn't look at the current process privs. I believe what needs to happen here is a call to sys$getjpiw to get the current process privs, then a call to sys$create_user_profile to create a user profile with those privs, and *then* a call to sys$check_access with the user profile rather than just the user name as we are currently doing. Sigh. Meanwhile bleadperl is not building because someone "improved" the Makefile.PL for Encode.Thread Previous | Thread Next