access() uses real UID instead of effective UID which causes false negative checks in setuid programs. Remove redundant access() checks
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186431 --- libsemanage/src/direct_api.c | 7 ------- libsemanage/src/semanage_store.c | 17 ++++++++--------- 2 files changed, 8 insertions(+), 16 deletions(-) diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c index 65842df..b761b68 100644 --- a/libsemanage/src/direct_api.c +++ b/libsemanage/src/direct_api.c @@ -148,9 +148,6 @@ int semanage_direct_connect(semanage_handle_t * sh) if (semanage_create_store(sh, 1)) goto err; - if (semanage_access_check(sh) < SEMANAGE_CAN_READ) - goto err; - sh->u.direct.translock_file_fd = -1; sh->u.direct.activelock_file_fd = -1; @@ -373,10 +370,6 @@ static int semanage_direct_disconnect(semanage_handle_t * sh) static int semanage_direct_begintrans(semanage_handle_t * sh) { - - if (semanage_access_check(sh) != SEMANAGE_CAN_WRITE) { - return -1; - } if (semanage_get_trans_lock(sh) < 0) { return -1; } diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c index 6158d08..ac84349 100644 --- a/libsemanage/src/semanage_store.c +++ b/libsemanage/src/semanage_store.c @@ -537,7 +537,6 @@ char *semanage_conf_path(void) int semanage_create_store(semanage_handle_t * sh, int create) { struct stat sb; - int mode_mask = R_OK | W_OK | X_OK; const char *path = semanage_files[SEMANAGE_ROOT]; int fd; @@ -556,9 +555,9 @@ int semanage_create_store(semanage_handle_t * sh, int create) return -1; } } else { - if (!S_ISDIR(sb.st_mode) || access(path, mode_mask) == -1) { + if (!S_ISDIR(sb.st_mode)) { ERR(sh, - "Could not access module store at %s, or it is not a directory.", + "Module store at %s is not a directory.", path); return -1; } @@ -579,9 +578,9 @@ int semanage_create_store(semanage_handle_t * sh, int create) return -1; } } else { - if (!S_ISDIR(sb.st_mode) || access(path, mode_mask) == -1) { + if (!S_ISDIR(sb.st_mode)) { ERR(sh, - "Could not access module store active subdirectory at %s, or it is not a directory.", + "Module store active subdirectory at %s is not a directory.", path); return -1; } @@ -602,9 +601,9 @@ int semanage_create_store(semanage_handle_t * sh, int create) return -1; } } else { - if (!S_ISDIR(sb.st_mode) || access(path, mode_mask) == -1) { + if (!S_ISDIR(sb.st_mode)) { ERR(sh, - "Could not access module store active modules subdirectory at %s, or it is not a directory.", + "Module store active modules subdirectory at %s is not a directory.", path); return -1; } @@ -623,8 +622,8 @@ int semanage_create_store(semanage_handle_t * sh, int create) return -1; } } else { - if (!S_ISREG(sb.st_mode) || access(path, R_OK | W_OK) == -1) { - ERR(sh, "Could not access lock file at %s.", path); + if (!S_ISREG(sb.st_mode)) { + ERR(sh, "Object at %s is not a lock file.", path); return -1; } } -- 2.9.4
