Project

General

Profile

Actions
Copy link

Feature #8712

open

change getcwd behavior

Added by Brian De Wolf about 6 years ago. Updated over 5 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Start date:
2017-10-11
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:
External Bug:

Description

This is a feature request to change getcwd to not implement this failure case:

GETCWD
...
The getcwd() function may fail if:

EACCES
                 A parent directory cannot be read to get its name.

This failure case hampers a process' ability to safely operate in a directory with shared access. The prime example of an application harmed by this is Samba. Samba exports directories via SMB. When Samba moves around the exported directory, it uses getcwd to validate it hasn't left the exported tree. With the failure case described above, a user can set permissions on their own directories such that getcwd fails. If getcwd is unreliable, Samba is unable to verify its location and refuses to perform certain actions.

Samba's other major platforms (Linux, FreeBSD) do not have this restriction in their getcwd implementation. I was also informed by an Oracle engineer that Solaris 11 and Solaris 10U11 have changed getcwd's behavior as well.

Can getcwd be changed to match other modern platforms while still following the standard?

Samba bug: https://bugzilla.samba.org/show_bug.cgi?id=13027
illumos-discuss thread: https://illumos.topicbox.com/groups/discuss/T1bf578bf66b8b8b0

Actions
Copy link
 #1

Updated by Paul Henson about 6 years ago

Not sure how relevant these are, but a couple links posted on the mailing list so you don't have to dig for them:

https://blogs.oracle.com/casper/solaris-11:-evolution-of-vpath

https://blogs.oracle.com/casper/getcwdnull,-0-revisited

Actions
Copy link

Also available in: Atom PDF