From mkamm@sbox.tu-graz.ac.at  Sun Feb 11 14:43:53 2001
Return-Path: <mkamm@sbox.tu-graz.ac.at>
Received: from ns1.tu-graz.ac.at (ns1.tu-graz.ac.at [129.27.2.3])
	by hub.freebsd.org (Postfix) with ESMTP id 8853437B401
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 11 Feb 2001 14:43:52 -0800 (PST)
Received: from homebox.kammerhofer.org (isdn091.tu-graz.ac.at [129.27.240.91])
	by ns1.tu-graz.ac.at (8.9.3/8.9.3) with ESMTP id XAA07824
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 11 Feb 2001 23:43:47 +0100 (MET)
Received: (from mkamm@localhost)
	by homebox.kammerhofer.org (8.11.2/8.11.2) id f1AIisA11912;
	Sat, 10 Feb 2001 19:44:54 +0100 (CET)
	(envelope-from mkamm)
Message-Id: <200102101844.f1AIisA11912@homebox.kammerhofer.org>
Date: Sat, 10 Feb 2001 19:44:54 +0100 (CET)
From: mkamm@gmx.net
Reply-To: mkamm@gmx.net
To: FreeBSD-gnats-submit@freebsd.org
Subject: lstat(2) returns bogus permissions on symlinks
X-Send-Pr-Version: 3.2

>Number:         25018
>Category:       kern
>Synopsis:       [libc] lstat(2) returns bogus permissions on symlinks
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    rwatson
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Feb 11 14:50:02 PST 2001
>Closed-Date:    Mon Feb 02 11:22:59 UTC 2009
>Last-Modified:  Mon Feb 02 11:22:59 UTC 2009
>Originator:     Martin Kammerhofer
>Release:        FreeBSD 4.2-STABLE i386
>Organization:
Universitt Graz
>Environment:
>Description:

I quote a commitlog message here:

##peter       97/03/31 04:03:04
##
##  Treat symlinks as first class citizens with their own uid/gid rather than
##  as shadows of their containing directory.  This should solve the problem
##  of users not being able to delete their symlinks from /tmp once and for
##  all.
##  
##  Symlinks do not have modes though, they are accessable to everything that
##  can read the directory (as before).  They are made to show this fact at
##  lstat time (they appear as mode 0777 always, since that's how the the
##  lookup routines in the kernel treat them).
##  
##  More commits will follow, eg: add a real lchown() syscall and man pages.
##  
##  Revision  Changes    Path
##  1.62      +19 -70    src/sys/kern/vfs_syscalls.c


However the mentioned feature "appear as mode 0777" was broken later
when mount option "nosymfollow" was introduced because the mode was
written to the wrong variable.

For easy reference I quote a part of this second commit log too:

##wosch       1998/04/08 11:32:00 PDT
##  New mount option nosymfollow. If enabled, the kernel lookup()
##  function will not follow symbolic links on the mounted
##  file system and return EACCES (Permission denied).
##  
##  Revision  Changes    Path
##  1.97      +3 -5      src/sys/kern/vfs_syscalls.c
##  1.55      +6 -1      src/sys/kern/vfs_vnops.c


>How-To-Repeat:

(umask 321 && ln -s "have strange but nontheless nonexistant perms" symlinks)
ls -l symlinks

The permissions shown reflect the umask value at the time of the
symlink(2) call rather than the more intuitive "lrwxrwxrwx" or
in case of mount -onosymfollow "l---------".

>Fix:

Don't set a variable that will be overwritten shortly after the
break...

Index: vfs_vnops.c
===================================================================
RCS file: /home/ncvs/src/sys/kern/vfs_vnops.c,v
retrieving revision 1.107
diff -u -11 -r1.107 vfs_vnops.c
--- vfs_vnops.c	2001/01/24 12:35:50	1.107
+++ vfs_vnops.c	2001/02/10 12:57:00
@@ -479,25 +479,25 @@
 		break;
 	case VBLK:
 		mode |= S_IFBLK;
 		break;
 	case VCHR:
 		mode |= S_IFCHR;
 		break;
 	case VLNK:
 		mode |= S_IFLNK;
 		/* This is a cosmetic change, symlinks do not have a mode. */
 		if (vp->v_mount->mnt_flag & MNT_NOSYMFOLLOW)
-			sb->st_mode &= ~ACCESSPERMS;	/* 0000 */
+			mode &= ~ACCESSPERMS;	/* 0000 */
 		else
-			sb->st_mode |= ACCESSPERMS;	/* 0777 */
+			mode |= ACCESSPERMS;	/* 0777 */
 		break;
 	case VSOCK:
 		mode |= S_IFSOCK;
 		break;
 	case VFIFO:
 		mode |= S_IFIFO;
 		break;
 	default:
 		return (EBADF);
 	};
 	sb->st_mode = mode;

>Release-Note:
>Audit-Trail:

From: Bruce Evans <bde@zeta.org.au>
To: mkamm@gmx.net
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: kern/25018: lstat(2) returns bogus permissions on symlinks
Date: Mon, 12 Feb 2001 17:11:43 +1100 (EST)

 On Sat, 10 Feb 2001 mkamm@gmx.net wrote:
 
 > >How-To-Repeat:
 > 
 > (umask 321 && ln -s "have strange but nontheless nonexistant perms" symlinks)
 > ls -l symlinks
 > 
 > The permissions shown reflect the umask value at the time of the
 > symlink(2) call rather than the more intuitive "lrwxrwxrwx" or
 > in case of mount -onosymfollow "l---------".
 
 Fixing this makes lchmod(2) more useless than it already is :-).
 
 Bruce
 
 
Responsible-Changed-From-To: freebsd-bugs->rwatson 
Responsible-Changed-By: rwatson 
Responsible-Changed-When: Sat Mar 8 20:50:01 UTC 2008 
Responsible-Changed-Why:  
Grab ownership. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=25018 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/25018: commit references a PR
Date: Sun,  3 Aug 2008 15:45:24 +0000 (UTC)

 rwatson     2008-08-03 15:44:56 UTC
 
   FreeBSD src repository
 
   Modified files:
     sys/kern             vfs_vnops.c 
   Log:
   SVN rev 181254 on 2008-08-03 15:44:56Z by rwatson
   
   Remove broken code to replace st_mode value with ACCESSPERMS when
   lstat(2) is called on symlinks -- this code appears never to have
   worked.  The PR this addresses suggests that the intended
   original behavior is the right one, but as bde points out in the
   PR comments, we do actually support storing a mode on symlinks,
   so returning it seems reasonable.
   
   This is consistent with Mac OS X, which despite documentation to
   the contrary does return the mode set on a symlink, but not some
   other platforms.  The Single Unix Spec requires only that the
   returned bits be "meaningful", which seems at best unhelpful as
   advice goes.
   
   PR:             25018
   MFC after:      3 days
   
   Revision  Changes    Path
   1.262     +0 -5      src/sys/kern/vfs_vnops.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: rwatson 
State-Changed-When: Sun Aug 3 15:55:02 UTC 2008 
State-Changed-Why:  
Transition to patched as I have removed the bogus code.  This is not the 
change requested in this PR, but does address the issue of the broken 
code.  I'll close the PR once this change has been MFC'd.  Thanks for the 
report, and apologies for the extraordinarily long time it has taken for 
someone to pick up this PR. 


http://www.freebsd.org/cgi/query-pr.cgi?pr=25018 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/25018: commit references a PR
Date: Sun, 31 Aug 2008 21:27:25 +0000 (UTC)

 rwatson     2008-08-31 21:27:05 UTC
 
   FreeBSD src repository
 
   Modified files:        (Branch: RELENG_7)
     sys/kern             vfs_vnops.c 
   Log:
   SVN rev 182574 on 2008-08-31 21:27:05Z by rwatson
   
   Merge r181254 from head to stable/7:
   
     Remove broken code to replace st_mode value with ACCESSPERMS when
     lstat(2) is called on symlinks -- this code appears never to have
     worked.  The PR this addresses suggests that the intended
     original behavior is the right one, but as bde points out in the
     PR comments, we do actually support storing a mode on symlinks,
     so returning it seems reasonable.
   
     This is consistent with Mac OS X, which despite documentation to
     the contrary does return the mode set on a symlink, but not some
     other platforms.  The Single Unix Spec requires only that the
     returned bits be "meaningful", which seems at best unhelpful as
     advice goes.
   
     PR:             25018
   
   Revision   Changes    Path
   1.252.2.1  +0 -5      src/sys/kern/vfs_vnops.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: patched->closed 
State-Changed-By: rwatson 
State-Changed-When: Mon Feb 2 11:21:09 UTC 2009 
State-Changed-Why:  
Close PR as this fix has been merged to 7.x, and was included in 
FreeBSD 7.1.  Thanks for the report and patch! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=25018 
>Unformatted:
