Page MenuHomeFreeBSD

Remove useless call to access(2)
ClosedPublic

Authored by trasz on Oct 25 2018, 4:03 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Oct 8, 1:46 PM
Unknown Object (File)
Thu, Sep 11, 1:25 AM
Unknown Object (File)
Sep 10 2025, 7:51 AM
Unknown Object (File)
Sep 10 2025, 6:35 AM
Unknown Object (File)
Aug 13 2025, 3:24 PM
Unknown Object (File)
Aug 4 2025, 10:06 PM
Unknown Object (File)
Jul 29 2025, 12:27 AM
Unknown Object (File)
Jul 28 2025, 11:24 PM
Subscribers

Details

Summary

Remove useless call to access(2) from tzcode. Quoting OpenBSD:

Remove doaccess variable and access(2) call since this interfers with
applications like zdump(8) because pledge(2) doesn't allow access(2) to
/usr/share/zoneinfo.

millert@ better described why this call can go away:

"This looks like an attempt to do access checks based on the real uid instead
of the effective uid.  Basically for setuid programs we don't want to allow a
user to set TZ to a path they should not be able to otherwise access.

However, we already have a check for issetugid() above so I think the doaccess
bits can just be removed and we can rely on open()."

After discussion with tb@, deraadt@ and millert@, this was also OK'ed by them

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

This looks good to my naive eye.

contrib/tzcode/stdtime/localtime.c
393 ↗(On Diff #49616)

I think I added this comment years ago. I think it is correct now and the comment can be removed.

This revision is now accepted and ready to land.Oct 25 2018, 4:11 PM
This revision was automatically updated to reflect the committed changes.