On Sat, Apr 1, 2023 at 12:06 AM Theo Buehler <t...@theobuehler.org> wrote:
>
> While I agree with Solène that we don't necessarily want or need this
> patch, I think it is nicely done. I myself don't find the -perm primary
> very intuitive and I find its manual hard to decipher, so your patch
> would save me a few minutes time every so often.
Understood. It makes sense that OpenBSD does not have the special cases
that Linux does so the call to access(2) adds additional overhead
without covering any more cases.
> There are a few things that go against style(9), most obviously the
> 4-space tabs (also in the head -c patch) as well as using a function
> call for initialization. The whitespace issue also means that the
> patches won't apply to the source tree.
>
> See sys_access() in sys/kern/vfs_syscalls.c
>
> We try to add features only if there is a good reason to do so. For
> non-POSIX options to standard utilities the bar is quite high. You might
> have more luck with getting patches reviewed and accepted if you try to
> find bugs and fix them.
I'm not sure why I haven't seen style(9) before. Obviously this is an
oversight on my part. Thank you for the pointers.
For some reason I haven't received the email from Solène (even after
requesting it re-sent on lists.openbsd.org; nor is it in spam; I will
look further into this issue), so I'm adding my reply in-line here:
> this doesn't add much value IMO, we already have -perm that can be used
> to return paths matching the permission, or only a bit.
>
> find . -executable can be written find . -type f -perm -100
> find . -writable can be written find . -type f -perm -200
> find . -readable can be written find . -type f -perm -400
I'm not sure these are equivalent. My (limited?) understanding is these
examples are checking whether the file's owner has the specified
permissions.
The intention for my patch is to return true if the caller of find has
the specified permissions.
Here is a contrived example that showcases the difference:
home$ touch a.txt && chmod 744 a.txt && whoami
jared
Using -perm, the www user finds a.txt because it's executable by the
file owner:
home$ doas -u www find . -type f -perm -100
./a.txt
Using -executable, the www user finds nothing because it is not
executable by the caller.
home$ doas -u www /usr/src/usr.bin/find/find . -type f -executable
Using -executable, the jared user find a.txt because it is executable by
the caller.
home$ /usr/src/usr.bin/find/find . -type f -executable
./a.txt
Based on my reading of -perm, this functionality is not possible.
I suppose then that this point of confusion (the ambiguous nature of
what -executable, et al, actually does) is a good reason not to continue
on this patch.
> on linux, those flags make sense to have because they also take care of
> ACLs, while their -perm doesn't. OpenBSD doesn't have ACLs.
Thanks for the explanation.
