diff options
| author | Frank Ch. Eigler <fche@redhat.com> | 2021-08-18 18:29:34 -0400 |
|---|---|---|
| committer | Frank Ch. Eigler <fche@redhat.com> | 2021-10-22 11:41:47 -0400 |
| commit | 7d64173fb11c66284a408e52d41d15b7755d65d2 (patch) | |
| tree | bb9065916c93096c6d49e8e839112db259967410 /tests | |
| parent | e3e70782a1d1a246844215991bbd2d6b60d0aa41 (diff) | |
| download | elfutils-7d64173fb11c66284a408e52d41d15b7755d65d2.tar.gz | |
PR28240: debuginfod client root-safe negative caching
Negative cache (000-permission) files were incorrectly treated as
valid cached files for the root user, because root can open even
000-perm files without -EACCES. Corrected this checking sequence.
Fixed the debuginfod testsuite to run to completion as root or
as an ordinary user, correcting corresponding permission checks:
stat -c %A $FILE
is right and
[ -w $FILE] [ -r $FILE ]
were wrong.
Signed-off-by: Frank Ch. Eigler <fche@redhat.com>
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/ChangeLog | 6 | ||||
| -rwxr-xr-x | tests/run-debuginfod-000-permission.sh | 2 | ||||
| -rwxr-xr-x | tests/run-debuginfod-artifact-running.sh | 4 | ||||
| -rwxr-xr-x | tests/run-debuginfod-writable.sh | 2 |
4 files changed, 8 insertions, 6 deletions
diff --git a/tests/ChangeLog b/tests/ChangeLog index 07e018b0..46302b56 100644 --- a/tests/ChangeLog +++ b/tests/ChangeLog @@ -1,3 +1,9 @@ +2021-10-23 Frank Ch. Eigler <fche@redhat.com> + + PR28240 + * run-debuginfod-000-permission.sh, -writable.sh: + Correct negative-cache file permission checking. + 2021-10-06 Mark Wielaard <mark@klomp.org> * show-die-info.c (handle): Handle dwarf_attr_string returning NULL. diff --git a/tests/run-debuginfod-000-permission.sh b/tests/run-debuginfod-000-permission.sh index afa7e931..c1b2cf81 100755 --- a/tests/run-debuginfod-000-permission.sh +++ b/tests/run-debuginfod-000-permission.sh @@ -56,7 +56,7 @@ if [ ! -f $DEBUGINFOD_CACHE_PATH/01234567/debuginfo ]; then err fi -if [ -r $DEBUGINFOD_CACHE_PATH/01234567/debuginfo ]; then +if [ `stat -c "%A" $DEBUGINFOD_CACHE_PATH/01234567/debuginfo` != "----------" ]; then echo "The cache $DEBUGINFOD_CACHE_PATH/01234567/debuginfo is readable" err fi diff --git a/tests/run-debuginfod-artifact-running.sh b/tests/run-debuginfod-artifact-running.sh index 51fa9c0a..b9444426 100755 --- a/tests/run-debuginfod-artifact-running.sh +++ b/tests/run-debuginfod-artifact-running.sh @@ -90,10 +90,6 @@ wait_ready $PORT1 'thread_busy{role="scan"}' 0 rm -rf $DEBUGINFOD_CACHE_PATH # clean it from previous tests filename=`testrun ${abs_top_builddir}/debuginfod/debuginfod-find debuginfo $BUILDID` cmp $filename F/prog.debug -if [ -w $filename ]; then - echo "cache file writable, boo" - err -fi filename=`testrun ${abs_top_builddir}/debuginfod/debuginfod-find executable F/prog` cmp $filename F/prog diff --git a/tests/run-debuginfod-writable.sh b/tests/run-debuginfod-writable.sh index 69ececb3..9cc4ea1d 100755 --- a/tests/run-debuginfod-writable.sh +++ b/tests/run-debuginfod-writable.sh @@ -79,7 +79,7 @@ wait_ready $PORT1 'thread_busy{role="scan"}' 0 rm -rf $DEBUGINFOD_CACHE_PATH # clean it from previous tests filename=`testrun ${abs_top_builddir}/debuginfod/debuginfod-find debuginfo $BUILDID` cmp $filename F/p+r%o\$g.debug -if [ -w $filename ]; then +if [ `stat -c "%A" $filename` != "-r--------" ]; then echo "cache file writable, boo" err fi |