[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Linux permissions and which(1)

On Fri, Sep 05, 2003 at 05:17:26PM +0100, Colin Watson wrote:
> > OK, but what is the _correct_ behaviour, and where is it documented?
> 
> The correct behaviour can be deduced easily from which(1):
> 
>        which  returns  the  pathnames of the files which would be exe-
>        cuted in the current environment, had its arguments been  given
>        as commands in a strictly POSIX-conformant shell.

which is true unless you are using the wrong which, which I was doing 
because I simply did a apt-get source which...

Here's something interesting.  Two "foo" programs:

moseley@bumby:~/which-2.14$ ls -l /usr/local/bin/foo /usr/bin/foo
-rwxr-xr-x    1 moseley  audio          34 2003-09-05 13:27 /usr/bin/foo
-rwxr-xr-x    1 moseley  audio          40 2003-09-05 13:27 /usr/local/bin/foo

moseley@bumby:~/which-2.14$ /usr/bin/foo
foo in /usr/bin

moseley@bumby:~/which-2.14$ /usr/local/bin/foo
foo in /usr/local/bin

moseley@bumby:~/which-2.14$ which foo
/usr/local/bin/foo

Now turn of execute for the owner (me):

bumby:~# chmod 655 /usr/local/bin/foo


Here's the interesting part.

moseley@bumby:~/which-2.14$ foo 
bash: /usr/local/bin/foo: /bin/sh: bad interpreter: Permission denied

Still finds the first matching file in the path, but then permission
denied when trying to run it.

[remember this one for below -- still at 644 perms on 
/usr/local/bin/foo]

moseley@bumby:~/which-2.14$ bash -c foo
bash: /usr/local/bin/foo: /bin/sh: bad interpreter: Permission denied


moseley@bumby:~/which-2.14$ which foo
/usr/bin/foo

Hum, but which(1) skips over the one in /usr/local/bin because of 
owner permissions (true, I can't run that one), but the shell doesn't.


Now looking at the broken which(1) program -- different from the 
which(1) that comes with binutils:

moseley@bumby:~/which-2.14$ ./which foo
/usr/local/bin/foo

That version is broken because of what I posted yesterday: that version 
is seeing that I don't have *owner* permissions and moving on to group 
and other perms which I do have permissions for.


Now remove all permissions to execute:

bumby:~# chmod 644 /usr/local/bin/foo

moseley@bumby:~/which-2.14$ ./which foo
/usr/bin/foo

So now since I don't have ANY permissions which-2.14 moves on.
But the binutils which(1) still points to the one in /usr/bin:

moseley@bumby:~/which-2.14$ which foo
/usr/bin/foo

Now the fun starts:

moseley@bumby:~/which-2.14$ foo
bash: /usr/local/bin/foo: Permission denied

Remember this from above?

moseley@bumby:~/which-2.14$ bash -c foo
foo in /usr/bin

Now what's happening there?

See it again...

moseley@bumby:~/which-2.14$ which foo
/usr/bin/foo

moseley@bumby:~/which-2.14$ bash -c foo
foo in /usr/bin

moseley@bumby:~/which-2.14$ foo
bash: /usr/local/bin/foo: Permission denied

moseley@bumby:~/which-2.14$ ls -l /usr/local/bin/foo
-rw-r--r--    1 moseley  audio          40 2003-09-05 13:27 /usr/local/bin/foo





-- 
Bill Moseley
moseley@hank.org
Reply to: