sysdeps/posix/euidaccess.c

   1 /* euidaccess -- check if effective user id can access file
   2    Copyright (C) 1990, 1991, 1995, 1996 Free Software Foundation, Inc.
   3
   4 This file is part of the GNU C Library.
   5
   6 The GNU C Library is free software; you can redistribute it and/or
   7 modify it under the terms of the GNU Library General Public License as
   8 published by the Free Software Foundation; either version 2 of the
   9 License, or (at your option) any later version.
  10
  11 The GNU C Library is distributed in the hope that it will be useful,
  12 but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14 Library General Public License for more details.
  15
  16 You should have received a copy of the GNU Library General Public
  17 License along with the GNU C Library; see the file COPYING.LIB.  If
  18 not, write to the Free Software Foundation, Inc., 675 Mass Ave,
  19 Cambridge, MA 02139, USA.  */
  20
  21 /* Written by David MacKenzie and Torbjorn Granlund.
  22    Adapted for GNU C library by Roland McGrath.  */
  23
  24 #ifdef HAVE_CONFIG_H
  25 #include <config.h>
  26 #endif
  27
  28 #include <sys/types.h>
  29 #include <sys/stat.h>
  30
  31 #ifdef S_IEXEC
  32 #ifndef S_IXUSR
  33 #define S_IXUSR S_IEXEC
  34 #endif
  35 #ifndef S_IXGRP
  36 #define S_IXGRP (S_IEXEC >> 3)
  37 #endif
  38 #ifndef S_IXOTH
  39 #define S_IXOTH (S_IEXEC >> 6)
  40 #endif
  41 #endif /* S_IEXEC */
  42
  43 #if defined (HAVE_UNISTD_H) || defined (_LIBC)
  44 #include <unistd.h>
  45 #endif
  46
  47 #ifdef _POSIX_VERSION
  48 #include <limits.h>
  49 #if !defined(NGROUPS_MAX) || NGROUPS_MAX < 1
  50 #undef NGROUPS_MAX
  51 #define NGROUPS_MAX sysconf (_SC_NGROUPS_MAX)
  52 #endif /* NGROUPS_MAX */
  53
  54 #else /* not _POSIX_VERSION */
  55 uid_t getuid ();
  56 gid_t getgid ();
  57 uid_t geteuid ();
  58 gid_t getegid ();
  59 #include <sys/param.h>
  60 #if !defined(NGROUPS_MAX) && defined(NGROUPS)
  61 #define NGROUPS_MAX NGROUPS
  62 #endif /* not NGROUPS_MAX and NGROUPS */
  63 #endif /* not POSIX_VERSION */
  64
  65 #include <errno.h>
  66 #ifndef errno
  67 extern int errno;
  68 #endif
  69 #ifndef __set_errno
  70 #define __set_errno(val) errno = (val)
  71 #endif
  72
  73 #if defined(EACCES) && !defined(EACCESS)
  74 #define EACCESS EACCES
  75 #endif
  76
  77 #ifndef F_OK
  78 #define F_OK 0
  79 #define X_OK 1
  80 #define W_OK 2
  81 #define R_OK 4
  82 #endif
  83
  84 #if !defined (S_IROTH) && defined (R_OK)
  85 # define S_IROTH R_OK
  86 #endif
  87 #if !defined (S_IWOTH) && defined (W_OK)
  88 # define S_IWOTH W_OK
  89 #endif
  90 #if !defined (S_IXOTH) && defined (X_OK)
  91 # define S_IXOTH X_OK
  92 #endif
  93
  94
  95 #ifdef _LIBC
  96
  97 #define group_member __group_member
  98
  99 #else
 100
 101 /* The user's real user id. */
 102 static uid_t uid;
 103
 104 /* The user's real group id. */
 105 static gid_t gid;
 106
 107 /* The user's effective user id. */
 108 static uid_t euid;
 109
 110 /* The user's effective group id. */
 111 static gid_t egid;
 112
 113 /* Nonzero if UID, GID, EUID, and EGID have valid values. */
 114 static int have_ids = 0;
 115
 116 #ifdef HAVE_GETGROUPS
 117 int group_member ();
 118 #else
 119 #define group_member(gid)       0
 120 #endif
 121
 122 #endif
 123
 124
 125 /* Return 0 if the user has permission of type MODE on file PATH;
 126    otherwise, return -1 and set `errno' to EACCESS.
 127    Like access, except that it uses the effective user and group
 128    id's instead of the real ones, and it does not check for read-only
 129    filesystem, text busy, etc. */
 130
 131 int
 132 euidaccess (path, mode)
 133      const char *path;
 134      int mode;
 135 {
 136   struct stat stats;
 137   int granted;
 138
 139 #ifdef  _LIBC
 140   uid_t uid = getuid (), euid = geteuid ();
 141   gid_t gid = getgid (), egid = getegid ();
 142 #else
 143   if (have_ids == 0)
 144     {
 145       have_ids = 1;
 146       uid = getuid ();
 147       gid = getgid ();
 148       euid = geteuid ();
 149       egid = getegid ();
 150     }
 151 #endif
 152
 153   if (uid == euid && gid == egid)
 154     /* If we are not set-uid or set-gid, access does the same.  */
 155     return access (path, mode);
 156
 157   if (stat (path, &stats))
 158     return -1;
 159
 160   mode &= (X_OK | W_OK | R_OK); /* Clear any bogus bits. */
 161 #if R_OK != S_IROTH || W_OK != S_IWOTH || X_OK != S_IXOTH
 162   ?error Oops, portability assumptions incorrect.
 163 #endif
 164
 165   if (mode == F_OK)
 166     return 0;                   /* The file exists. */
 167
 168   /* The super-user can read and write any file, and execute any file
 169      that anyone can execute. */
 170   if (euid == 0 && ((mode & X_OK) == 0
 171                     || (stats.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH))))
 172     return 0;
 173
 174   if (euid == stats.st_uid)
 175     granted = (unsigned) (stats.st_mode & (mode << 6)) >> 6;
 176   else if (egid == stats.st_gid || group_member (stats.st_gid))
 177     granted = (unsigned) (stats.st_mode & (mode << 3)) >> 3;
 178   else
 179     granted = (stats.st_mode & mode);
 180   if (granted == mode)
 181     return 0;
 182   __set_errno (EACCESS);
 183   return -1;
 184 }
 185 \f
 186 #ifdef TEST
 187 #include <stdio.h>
 188 #include <errno.h>
 189 #include "error.h"
 190
 191 char *program_name;
 192
 193 int
 194 main (argc, argv)
 195      int argc;
 196      char **argv;
 197 {
 198   char *file;
 199   int mode;
 200   int err;
 201
 202   program_name = argv[0];
 203   if (argc < 3)
 204     abort ();
 205   file = argv[1];
 206   mode = atoi (argv[2]);
 207
 208   err = euidaccess (file, mode);
 209   printf ("%d\n", err);
 210   if (err != 0)
 211     error (0, errno, "%s", file);
 212   exit (0);
 213 }
 214 #endif