zsh-workers
 help / color / mirror / Atom feed
* [PATCH] Tests for globbing below protected directories
@ 2021-01-25  0:15 Bart Schaefer
  2021-01-26 23:56 ` Daniel Shahaf
  0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-01-25  0:15 UTC (permalink / raw)
  To: Zsh hackers list

Does this test look as expected?  Note there are trailing spaces on
the "print -raC 2" output, which surprised me but has nothing to do
with the test itself.

This doesn't test for the CASEGLOB issue last mentioned in workers/47832.

diff --git a/Test/D02glob.ztst b/Test/D02glob.ztst
index 176846d46..d3b2e9ec2 100644
--- a/Test/D02glob.ztst
+++ b/Test/D02glob.ztst
@@ -741,6 +741,23 @@
 >glob.tmp/secret-s111/  glob.tmp/secret-s111
 >glob.tmp/secret-s444/  glob.tmp/secret-s444

+ for 1 in 000 111 444 ; do
+  chmod 777 glob.tmp/secret-d$1
+  touch glob.tmp/secret-d$1/file
+  mkdir -m 777 glob.tmp/secret-d$1/dir
+  touch glob.tmp/secret-d$1/dir/file
+  chmod $1 glob.tmp/secret-d$1
+ done
+ print -raC 2 -- glob.tmp/secret-*/* glob.tmp/secret-*/file
+0:names inside unreadable directories can be globbed if searchable
+>glob.tmp/secret-d444/dir   glob.tmp/secret-d444/file
+>glob.tmp/secret-s444/dir   glob.tmp/secret-s444/file
+>glob.tmp/secret-d111/file  glob.tmp/secret-s111/file
+
+ print -rC 2 -- glob.tmp/secret-*/dir/*
+0:glob files in readable directories inside unreadable directories
+>glob.tmp/secret-d111/dir/file  glob.tmp/secret-s111/dir/file
+
  # On macOS, stat(2) allows files to be treated as directories if the calling
  # process has super-user privileges. e.g., stat() on /my/regular/file/. will
  # succeed as root but (correctly) fail otherwise. This can produce strange


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH] Tests for globbing below protected directories
  2021-01-25  0:15 [PATCH] Tests for globbing below protected directories Bart Schaefer
@ 2021-01-26 23:56 ` Daniel Shahaf
  2021-02-02  2:45   ` Bart Schaefer
  0 siblings, 1 reply; 9+ messages in thread
From: Daniel Shahaf @ 2021-01-26 23:56 UTC (permalink / raw)
  To: Zsh hackers list

Bart Schaefer wrote on Sun, Jan 24, 2021 at 16:15:23 -0800:
> Does this test look as expected?

It's a little counter-intuitive that foo/* is not a superset of foo/file.  The
former can't tractably discover d111/file, of course.  As to whether
foo/file fall back to readdir() when the directory is readable but not
executable, I guess this was either discussed in the other thread or is
ETOOMUCHEFFORT, or possibly both — but it's too late right now for me to go
look, sorry.

Thanks for the patch, Bart.

> Note there are trailing spaces on the "print -raC 2" output, which surprised
> me but has nothing to do with the test itself.
> 

The trailing spaces were eaten by something in the email delivery chain, but
they're definitely unrelated to the test itself:

% print -raC 2 x y | sed 's/$/$/'
x  y  $
% 

Daniel


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH] Tests for globbing below protected directories
  2021-01-26 23:56 ` Daniel Shahaf
@ 2021-02-02  2:45   ` Bart Schaefer
  2021-02-03 11:22     ` Daniel Shahaf
  0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-02-02  2:45 UTC (permalink / raw)
  To: Daniel Shahaf; +Cc: Zsh hackers list

On Tue, Jan 26, 2021 at 3:56 PM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
>
> It's a little counter-intuitive that foo/* is not a superset of foo/file.  The
> former can't tractably discover d111/file, of course.  As to whether
> foo/file fall back to readdir() when the directory is readable but not
> executable

I'm not sure what you mean here.  There's no comparison of foo/* to
foo/file ... the test case is comparing f*/* to f*/file

Does that mean there's a test case missing?


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH] Tests for globbing below protected directories
  2021-02-02  2:45   ` Bart Schaefer
@ 2021-02-03 11:22     ` Daniel Shahaf
  2021-02-03 22:33       ` Bart Schaefer
  0 siblings, 1 reply; 9+ messages in thread
From: Daniel Shahaf @ 2021-02-03 11:22 UTC (permalink / raw)
  To: Zsh hackers list

Bart Schaefer wrote on Mon, Feb 01, 2021 at 18:45:15 -0800:
> On Tue, Jan 26, 2021 at 3:56 PM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
> >
> > It's a little counter-intuitive that foo/* is not a superset of foo/file.  The
> > former can't tractably discover d111/file, of course.  As to whether
> > foo/file fall back to readdir() when the directory is readable but not
> > executable
> 
> I'm not sure what you mean here.  There's no comparison of foo/* to
> foo/file ... the test case is comparing f*/* to f*/file

Sorry I wasn't clear.  I was observing that the expansion of «*/*» does not
include «foo/bar», even though the expansion of «*/bar» does include «foo/bar»
and one might expect the expansion of «*/*» to be a superset of the expansion of
«*/bar».  This could be surprising.

> Does that mean there's a test case missing?

I don't know of a missing test case.

Cheers,

Daniel


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH] Tests for globbing below protected directories
  2021-02-03 11:22     ` Daniel Shahaf
@ 2021-02-03 22:33       ` Bart Schaefer
  2021-02-03 23:06         ` Bart Schaefer
  0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-02-03 22:33 UTC (permalink / raw)
  To: Daniel Shahaf; +Cc: Zsh hackers list

On Wed, Feb 3, 2021 at 3:22 AM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
>
> Sorry I wasn't clear.  I was observing that the expansion of «*/*» does not
> include «foo/bar», even though the expansion of «*/bar» does include «foo/bar»
> and one might expect the expansion of «*/*» to be a superset of the expansion of
> «*/bar».  This could be surprising.

Perhaps, but that's the definition of the difference between
"readable" and "searchable" (executable) directories.  In the example
of «foo/bar», if the parent of foo is searchable but foo is only
readable, then you can expand «*» to discover foo and attempt to
"read" under «foo/» for the existence of the known name bar, but you
can't "search" foo (expand «foo/*») to discover anything, so by
extension «*/*» can't include «foo/bar».


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH] Tests for globbing below protected directories
  2021-02-03 22:33       ` Bart Schaefer
@ 2021-02-03 23:06         ` Bart Schaefer
  2021-02-04 13:09           ` Daniel Shahaf
  0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-02-03 23:06 UTC (permalink / raw)
  To: Daniel Shahaf; +Cc: Zsh hackers list

On Wed, Feb 3, 2021 at 2:33 PM Bart Schaefer <schaefer@brasslantern.com> wrote:
>
> Perhaps, but that's the definition of the difference between
> "readable" and "searchable" (executable) directories.

Put more concretely:

mode | opendir(x) | stat(x/name) |
dr-- |   yes     |    no        |
dr-x |   yes      |    yes       |
d--x |   no       |    yes       |

It's that first one that produces your surprising result, globbing
only returns names it can stat() and only pattern-matches in
directories it can opendir().


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH] Tests for globbing below protected directories
  2021-02-03 23:06         ` Bart Schaefer
@ 2021-02-04 13:09           ` Daniel Shahaf
  2021-02-04 21:34             ` Bart Schaefer
  0 siblings, 1 reply; 9+ messages in thread
From: Daniel Shahaf @ 2021-02-04 13:09 UTC (permalink / raw)
  To: zsh-workers

Bart Schaefer wrote on Wed, 03 Feb 2021 23:06 +00:00:
> On Wed, Feb 3, 2021 at 2:33 PM Bart Schaefer <schaefer@brasslantern.com> wrote:
> >
> > Perhaps, but that's the definition of the difference between
> > "readable" and "searchable" (executable) directories.
> 
> Put more concretely:

Yeah, I understand why it happens.  It's obvious if one knows that
«foo/*» is implemented by readdir() and «foo/bar» by stat().  The thing
is, someone who learnt glob patterns as a black box might not be
familiar with the relevant syscall/permission semantics and thus may be
surprised by this behaviour.


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH] Tests for globbing below protected directories
  2021-02-04 13:09           ` Daniel Shahaf
@ 2021-02-04 21:34             ` Bart Schaefer
  2021-02-06 12:15               ` Daniel Shahaf
  0 siblings, 1 reply; 9+ messages in thread
From: Bart Schaefer @ 2021-02-04 21:34 UTC (permalink / raw)
  To: Daniel Shahaf; +Cc: zsh-workers

On Thu, Feb 4, 2021 at 5:10 AM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
>
> someone who learnt glob patterns as a black box might not be
> familiar with the relevant syscall/permission semantics and thus may be
> surprised by this behaviour.

Is there something you suggest we do about it?


^ permalink raw reply	[flat|nested] 9+ messages in thread

* Re: [PATCH] Tests for globbing below protected directories
  2021-02-04 21:34             ` Bart Schaefer
@ 2021-02-06 12:15               ` Daniel Shahaf
  0 siblings, 0 replies; 9+ messages in thread
From: Daniel Shahaf @ 2021-02-06 12:15 UTC (permalink / raw)
  To: zsh-workers

Bart Schaefer wrote on Thu, Feb 04, 2021 at 13:34:47 -0800:
> On Thu, Feb 4, 2021 at 5:10 AM Daniel Shahaf <d.s@daniel.shahaf.name> wrote:
> >
> > someone who learnt glob patterns as a black box might not be
> > familiar with the relevant syscall/permission semantics and thus may be
> > surprised by this behaviour.
> 
> Is there something you suggest we do about it?

No, unless it's technically a POSIX violation or something, in which case we
can take it from there.


^ permalink raw reply	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2021-02-06 12:16 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-01-25  0:15 [PATCH] Tests for globbing below protected directories Bart Schaefer
2021-01-26 23:56 ` Daniel Shahaf
2021-02-02  2:45   ` Bart Schaefer
2021-02-03 11:22     ` Daniel Shahaf
2021-02-03 22:33       ` Bart Schaefer
2021-02-03 23:06         ` Bart Schaefer
2021-02-04 13:09           ` Daniel Shahaf
2021-02-04 21:34             ` Bart Schaefer
2021-02-06 12:15               ` Daniel Shahaf

zsh-workers

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://inbox.vuxu.org/zsh-workers

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V1 zsh-workers zsh-workers/ http://inbox.vuxu.org/zsh-workers \
		zsh-workers@zsh.org
	public-inbox-index zsh-workers

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.archive.zsh.workers


code repositories for the project(s) associated with this inbox:

	https://git.vuxu.org/mirror/zsh/

AGPL code for this site: git clone https://public-inbox.org/public-inbox.git