Actually, scratch that, I can confirm that Android has their permissions set to 711 on the /data folder. Otherwise we wouldn't be able to cd to them. And the 1 bit *is* the searchable bit (not the executable bit) for directories (TIL), so /data is searchable. So, both the pre-patch and post-patch behaviors are noncompliant. The first is too strict and this is too lenient (although I prefer more lenient than strict). Back to the drawing board, I guess. On Tue, Jan 12, 2021, 7:53 PM Devin Hussey wrote: > We are already violating POSIX with our globbing: > > "If the pattern does not match any existing filenames or pathnames, the > pattern string shall be left unchanged." > > Therefore, this: > > zsh:1: no matches found: /tmp/inaccessible/a/* > > is wrong, it should just print this: > > /tmp/inaccessible/a/* > > Also, at least with the implementation on my device, the glob() function > works fine as long as the folder has execute permission. (The sample was > wrong, it should be 111, not 000) > > On Tue, Jan 12, 2021, 6:47 PM Lawrence Velázquez wrote: > >> > On Jan 12, 2021, at 5:42 PM, Devin Hussey >> wrote: >> > >> > Even if we can't access a parent folder, there is still a chance we can >> > access a subdirectory. >> >> I might be mistaken (entirely possible!), but this behavior seems >> to violate POSIX volume 3 chapter 2 section 2.13.3, which states >> in part that >> >> Specified patterns shall be matched against existing filenames >> and pathnames, as appropriate. Each component that contains a >> pattern character shall require read permission in the directory >> containing that component. Any component, except the last, that >> does not contain a pattern character shall require search >> permission. >> >> ( >> https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_13_03 >> ) >> >> vq > >