* [PATCH] Tests for globbing below protected directories
@ 2021-01-25 0:15 Bart Schaefer
2021-01-26 23:56 ` Daniel Shahaf
0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-01-25 0:15 UTC (permalink / raw)
To: Zsh hackers list
Does this test look as expected? Note there are trailing spaces on
the "print -raC 2" output, which surprised me but has nothing to do
with the test itself.
This doesn't test for the CASEGLOB issue last mentioned in workers/47832.
diff --git a/Test/D02glob.ztst b/Test/D02glob.ztst
index 176846d46..d3b2e9ec2 100644
--- a/Test/D02glob.ztst
+++ b/Test/D02glob.ztst
@@ -741,6 +741,23 @@
>glob.tmp/secret-s111/ glob.tmp/secret-s111
>glob.tmp/secret-s444/ glob.tmp/secret-s444
+ for 1 in 000 111 444 ; do
+ chmod 777 glob.tmp/secret-d$1
+ touch glob.tmp/secret-d$1/file
+ mkdir -m 777 glob.tmp/secret-d$1/dir
+ touch glob.tmp/secret-d$1/dir/file
+ chmod $1 glob.tmp/secret-d$1
+ done
+ print -raC 2 -- glob.tmp/secret-*/* glob.tmp/secret-*/file
+0:names inside unreadable directories can be globbed if searchable
+>glob.tmp/secret-d444/dir glob.tmp/secret-d444/file
+>glob.tmp/secret-s444/dir glob.tmp/secret-s444/file
+>glob.tmp/secret-d111/file glob.tmp/secret-s111/file
+
+ print -rC 2 -- glob.tmp/secret-*/dir/*
+0:glob files in readable directories inside unreadable directories
+>glob.tmp/secret-d111/dir/file glob.tmp/secret-s111/dir/file
+
# On macOS, stat(2) allows files to be treated as directories if the calling
# process has super-user privileges. e.g., stat() on /my/regular/file/. will
# succeed as root but (correctly) fail otherwise. This can produce strange
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tests for globbing below protected directories
2021-01-25 0:15 [PATCH] Tests for globbing below protected directories Bart Schaefer
@ 2021-01-26 23:56 ` Daniel Shahaf
2021-02-02 2:45 ` Bart Schaefer
0 siblings, 1 reply; 9+ messages in thread
From: Daniel Shahaf @ 2021-01-26 23:56 UTC (permalink / raw)
To: Zsh hackers list
Bart Schaefer wrote on Sun, Jan 24, 2021 at 16:15:23 -0800:
> Does this test look as expected?
It's a little counter-intuitive that foo/* is not a superset of foo/file. The
former can't tractably discover d111/file, of course. As to whether
foo/file fall back to readdir() when the directory is readable but not
executable, I guess this was either discussed in the other thread or is
ETOOMUCHEFFORT, or possibly both — but it's too late right now for me to go
look, sorry.
Thanks for the patch, Bart.
> Note there are trailing spaces on the "print -raC 2" output, which surprised
> me but has nothing to do with the test itself.
>
The trailing spaces were eaten by something in the email delivery chain, but
they're definitely unrelated to the test itself:
% print -raC 2 x y | sed 's/$/$/'
x y $
%
Daniel
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tests for globbing below protected directories
2021-01-26 23:56 ` Daniel Shahaf
@ 2021-02-02 2:45 ` Bart Schaefer
2021-02-03 11:22 ` Daniel Shahaf
0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-02-02 2:45 UTC (permalink / raw)
To: Daniel Shahaf; +Cc: Zsh hackers list
On Tue, Jan 26, 2021 at 3:56 PM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
>
> It's a little counter-intuitive that foo/* is not a superset of foo/file. The
> former can't tractably discover d111/file, of course. As to whether
> foo/file fall back to readdir() when the directory is readable but not
> executable
I'm not sure what you mean here. There's no comparison of foo/* to
foo/file ... the test case is comparing f*/* to f*/file
Does that mean there's a test case missing?
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tests for globbing below protected directories
2021-02-02 2:45 ` Bart Schaefer
@ 2021-02-03 11:22 ` Daniel Shahaf
2021-02-03 22:33 ` Bart Schaefer
0 siblings, 1 reply; 9+ messages in thread
From: Daniel Shahaf @ 2021-02-03 11:22 UTC (permalink / raw)
To: Zsh hackers list
Bart Schaefer wrote on Mon, Feb 01, 2021 at 18:45:15 -0800:
> On Tue, Jan 26, 2021 at 3:56 PM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
> >
> > It's a little counter-intuitive that foo/* is not a superset of foo/file. The
> > former can't tractably discover d111/file, of course. As to whether
> > foo/file fall back to readdir() when the directory is readable but not
> > executable
>
> I'm not sure what you mean here. There's no comparison of foo/* to
> foo/file ... the test case is comparing f*/* to f*/file
Sorry I wasn't clear. I was observing that the expansion of «*/*» does not
include «foo/bar», even though the expansion of «*/bar» does include «foo/bar»
and one might expect the expansion of «*/*» to be a superset of the expansion of
«*/bar». This could be surprising.
> Does that mean there's a test case missing?
I don't know of a missing test case.
Cheers,
Daniel
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tests for globbing below protected directories
2021-02-03 11:22 ` Daniel Shahaf
@ 2021-02-03 22:33 ` Bart Schaefer
2021-02-03 23:06 ` Bart Schaefer
0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-02-03 22:33 UTC (permalink / raw)
To: Daniel Shahaf; +Cc: Zsh hackers list
On Wed, Feb 3, 2021 at 3:22 AM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
>
> Sorry I wasn't clear. I was observing that the expansion of «*/*» does not
> include «foo/bar», even though the expansion of «*/bar» does include «foo/bar»
> and one might expect the expansion of «*/*» to be a superset of the expansion of
> «*/bar». This could be surprising.
Perhaps, but that's the definition of the difference between
"readable" and "searchable" (executable) directories. In the example
of «foo/bar», if the parent of foo is searchable but foo is only
readable, then you can expand «*» to discover foo and attempt to
"read" under «foo/» for the existence of the known name bar, but you
can't "search" foo (expand «foo/*») to discover anything, so by
extension «*/*» can't include «foo/bar».
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tests for globbing below protected directories
2021-02-03 22:33 ` Bart Schaefer
@ 2021-02-03 23:06 ` Bart Schaefer
2021-02-04 13:09 ` Daniel Shahaf
0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-02-03 23:06 UTC (permalink / raw)
To: Daniel Shahaf; +Cc: Zsh hackers list
On Wed, Feb 3, 2021 at 2:33 PM Bart Schaefer <schaefer@brasslantern.com> wrote:
>
> Perhaps, but that's the definition of the difference between
> "readable" and "searchable" (executable) directories.
Put more concretely:
mode | opendir(x) | stat(x/name) |
dr-- | yes | no |
dr-x | yes | yes |
d--x | no | yes |
It's that first one that produces your surprising result, globbing
only returns names it can stat() and only pattern-matches in
directories it can opendir().
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tests for globbing below protected directories
2021-02-03 23:06 ` Bart Schaefer
@ 2021-02-04 13:09 ` Daniel Shahaf
2021-02-04 21:34 ` Bart Schaefer
0 siblings, 1 reply; 9+ messages in thread
From: Daniel Shahaf @ 2021-02-04 13:09 UTC (permalink / raw)
To: zsh-workers
Bart Schaefer wrote on Wed, 03 Feb 2021 23:06 +00:00:
> On Wed, Feb 3, 2021 at 2:33 PM Bart Schaefer <schaefer@brasslantern.com> wrote:
> >
> > Perhaps, but that's the definition of the difference between
> > "readable" and "searchable" (executable) directories.
>
> Put more concretely:
Yeah, I understand why it happens. It's obvious if one knows that
«foo/*» is implemented by readdir() and «foo/bar» by stat(). The thing
is, someone who learnt glob patterns as a black box might not be
familiar with the relevant syscall/permission semantics and thus may be
surprised by this behaviour.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tests for globbing below protected directories
2021-02-04 13:09 ` Daniel Shahaf
@ 2021-02-04 21:34 ` Bart Schaefer
2021-02-06 12:15 ` Daniel Shahaf
0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-02-04 21:34 UTC (permalink / raw)
To: Daniel Shahaf; +Cc: zsh-workers
On Thu, Feb 4, 2021 at 5:10 AM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
>
> someone who learnt glob patterns as a black box might not be
> familiar with the relevant syscall/permission semantics and thus may be
> surprised by this behaviour.
Is there something you suggest we do about it?
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] Tests for globbing below protected directories
2021-02-04 21:34 ` Bart Schaefer
@ 2021-02-06 12:15 ` Daniel Shahaf
0 siblings, 0 replies; 9+ messages in thread
From: Daniel Shahaf @ 2021-02-06 12:15 UTC (permalink / raw)
To: zsh-workers
Bart Schaefer wrote on Thu, Feb 04, 2021 at 13:34:47 -0800:
> On Thu, Feb 4, 2021 at 5:10 AM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
> >
> > someone who learnt glob patterns as a black box might not be
> > familiar with the relevant syscall/permission semantics and thus may be
> > surprised by this behaviour.
>
> Is there something you suggest we do about it?
No, unless it's technically a POSIX violation or something, in which case we
can take it from there.
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2021-02-06 12:16 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-25 0:15 [PATCH] Tests for globbing below protected directories Bart Schaefer
2021-01-26 23:56 ` Daniel Shahaf
2021-02-02 2:45 ` Bart Schaefer
2021-02-03 11:22 ` Daniel Shahaf
2021-02-03 22:33 ` Bart Schaefer
2021-02-03 23:06 ` Bart Schaefer
2021-02-04 13:09 ` Daniel Shahaf
2021-02-04 21:34 ` Bart Schaefer
2021-02-06 12:15 ` Daniel Shahaf
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).