Fix: path-writable-to-me bug, for root.

* share/txr/stdlib/path-test.tl (sys:path-access): Comment added to note use restriction to identical permissions for all three scopes. Fixed incorrect use of logior instead of logand which causes strict permission test to be applied to user even when testing for non-execute permisisons.
author: Kaz Kylheku <kaz@kylheku.com> 2016-05-04 06:56:12 -0700
committer: Kaz Kylheku <kaz@kylheku.com> 2016-05-04 06:56:12 -0700
commit: 06f99de5d9a429164c2ae959f16cd575e86400bb (patch)
tree: bdd933523fd919ef2032d54888d8d5e2c624ec15
parent: c8b26dd45545170b717ade1ddcb2fe800524c0f7 (diff)
download: txr-06f99de5d9a429164c2ae959f16cd575e86400bb.tar.gz
txr-06f99de5d9a429164c2ae959f16cd575e86400bb.tar.bz2
txr-06f99de5d9a429164c2ae959f16cd575e86400bb.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/share/txr/stdlib/path-test.tl b/share/txr/stdlib/path-test.tl
index 851ac61b..cb2a1c48 100644
--- a/share/txr/stdlib/path-test.tl
+++ b/share/txr/stdlib/path-test.tl
@@ -77,12 +77,13 @@
       (or (= g (getegid))
           (find g (getgroups))))))
 
+;; umask, gmask and omask must test identical permissions
 (defun sys:path-access (path umask gmask omask)
   (sys:path-test (s stat path)
     (let ((m s.mode)
           (euid (geteuid)))
       (cond
-        ((zerop euid) (or (zerop (logior umask s-ixusr))
+        ((zerop euid) (or (zerop (logand umask s-ixusr))
                           (plusp (logand m (logior umask gmask omask)))))
         ((= euid s.uid) (plusp (logand m umask)))
         ((let ((g s.gid))
author	Kaz Kylheku <kaz@kylheku.com>	2016-05-04 06:56:12 -0700
committer	Kaz Kylheku <kaz@kylheku.com>	2016-05-04 06:56:12 -0700
commit	06f99de5d9a429164c2ae959f16cd575e86400bb (patch)
tree	bdd933523fd919ef2032d54888d8d5e2c624ec15
parent	c8b26dd45545170b717ade1ddcb2fe800524c0f7 (diff)
download	txr-06f99de5d9a429164c2ae959f16cd575e86400bb.tar.gz txr-06f99de5d9a429164c2ae959f16cd575e86400bb.tar.bz2 txr-06f99de5d9a429164c2ae959f16cd575e86400bb.zip