Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Address review comments on libuv patch #16

Open
wants to merge 6 commits into
base: julia-uv2-1.44.2
Choose a base branch
from

Conversation

staticfloat
Copy link
Member

This hopefully addresses the two actionable comments from @erw7. In particular:

  • We use AccessCheck() unconditionally on during access().

  • I don't allow other to have more permissions than group. This is necessary because in cases like chmod("foo", 0o757), the DENY entry for group (necessary because other has more permissions than group) ends up blocking the user, due to the fact that user belongs to group. So I just mask out any bits that other has that group doesn't, so 0o757 turns into 0o755. You can still have 0o057, or 0o700 or whatever, it's just the case where other has bits that group doesn't that gets fixed up.

Comment on lines +2434 to +2455
* we're building, the `SetNamedSecurityInfoW()` function call below will
* place all DENY entries first, and all `ALLOW` entries second. This
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you mean SetEntriesInAcl, which we should perhaps just avoid due to this (like cygwin)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

From my initial explorations, if we don't use SetEntriesInAcl, it's a lot more work. We have to manually merge entries and such that I would much prefer not to do. The Cygwin function to do this is many hundreds of lines of code; not counting their ACL datatype abstraction. I don't actually care about this case (others with more permissions than group) very much, so I'm alright with just not supporting it and doing something less-broken than before.

@musm
Copy link

musm commented Dec 28, 2020

Does this solve issues like the following:

mkdir("C:\\test")
chmod("C:\\test", 0o777)
rm("C:\\test") # currently a permission denied error

# On the other hand, without chmod
mkdir("C:\\test")
rm("C:\\test") # works

@vtjnash vtjnash changed the base branch from julia-uv2-1.39.0 to julia-uv2-1.42.0 July 26, 2021 19:19
@vtjnash vtjnash changed the base branch from julia-uv2-1.42.0 to julia-uv2-1.39.0 July 26, 2021 19:20
@vtjnash
Copy link
Member

vtjnash commented Jul 26, 2021

bump

1 similar comment
@vtjnash
Copy link
Member

vtjnash commented Jul 12, 2022

bump

@staticfloat staticfloat changed the base branch from julia-uv2-1.39.0 to julia-uv2-1.44.2 October 18, 2022 18:48
@staticfloat
Copy link
Member Author

With the latest commit on windows:

mktempdir() do dir
    foo = joinpath(dir, "foo")
    @info("default")
    touch(foo)
    run(`icacls $(foo)`)

    for perm in (0o777, 0o757, 0o750, 0o600)
        @info(string(perm, base=8))
        chmod(foo, perm)
        run(`icacls $(foo)`)
        @show Sys.isexecutable(foo)
    end
end

Results in:

[ Info: default
C:\Users\Administrator\AppData\Local\Temp\jl_zAzid9\foo NT AUTHORITY\SYSTEM:(I)(F)
                                                        BUILTIN\Administrators:(I)(F)
                                                        DEBUGGING-AMDCI\Administrator:(I)(F)

Successfully processed 1 files; Failed processing 0 files
[ Info: 777
C:\Users\Administrator\AppData\Local\Temp\jl_zAzid9\foo BUILTIN\Administrators:(M,DC)
                                                        DEBUGGING-AMDCI\None:(M,DC)
                                                        Everyone:(M,DC)
                                                        NT AUTHORITY\SYSTEM:(M,DC)
                                                        DEBUGGING-AMDCI\Administrator:(M,DC)

Successfully processed 1 files; Failed processing 0 files
Sys.isexecutable(foo) = true
[ Info: 757
C:\Users\Administrator\AppData\Local\Temp\jl_zAzid9\foo BUILTIN\Administrators:(M,DC)
                                                        DEBUGGING-AMDCI\None:(RX,WA)
                                                        Everyone:(RX,WA)
                                                        NT AUTHORITY\SYSTEM:(RX,WA)
                                                        DEBUGGING-AMDCI\Administrator:(RX,WA)

Successfully processed 1 files; Failed processing 0 files
Sys.isexecutable(foo) = true
[ Info: 750
C:\Users\Administrator\AppData\Local\Temp\jl_zAzid9\foo BUILTIN\Administrators:(M,DC)
                                                        DEBUGGING-AMDCI\None:(RX,WA)
                                                        DEBUGGING-AMDCI\Administrator:(RX,WA)

Successfully processed 1 files; Failed processing 0 files
Sys.isexecutable(foo) = true
[ Info: 600
C:\Users\Administrator\AppData\Local\Temp\jl_zAzid9\foo BUILTIN\Administrators:(R,W,D,DC)

Successfully processed 1 files; Failed processing 0 files
Sys.isexecutable(foo) = false

Which I think all looks good to me. I also added some icacls calls to remove all ACE entries, hoping that this would cause the ACL to return NULL, and it continued to function just fine:

mktempdir() do dir
    foo = joinpath(dir, "foo")
    @info("default")
    touch(foo)
    run(`icacls $(foo)`)

    @info("NULL")
    run(`icacls $(foo) /inheritance:d`)
    run(`icacls $(foo) /remove "NT AUTHORITY\\SYSTEM"`)
    run(`icacls $(foo) /remove BUILTIN\\Administrators`)
    run(`icacls $(foo) /remove Administrator`)
    run(`icacls $(foo)`)

    for perm in (0o777, 0o757, 0o750, 0o600)
        @info(string(perm, base=8))
        chmod(foo, perm)
        run(`icacls $(foo)`)
        @show Sys.isexecutable(foo)
    end
end
[ Info: default
C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo NT AUTHORITY\SYSTEM:(I)(F)
                                                        BUILTIN\Administrators:(I)(F)
                                                        DEBUGGING-AMDCI\Administrator:(I)(F)

Successfully processed 1 files; Failed processing 0 files
[ Info: NULL
processed file: C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo
Successfully processed 1 files; Failed processing 0 files
processed file: C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo
Successfully processed 1 files; Failed processing 0 files
processed file: C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo
Successfully processed 1 files; Failed processing 0 files
processed file: C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo
Successfully processed 1 files; Failed processing 0 files
C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo 
Successfully processed 1 files; Failed processing 0 files
[ Info: 777
C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo BUILTIN\Administrators:(M,DC)
                                                        DEBUGGING-AMDCI\None:(M,DC)
                                                        Everyone:(M,DC)

Successfully processed 1 files; Failed processing 0 files
Sys.isexecutable(foo) = true
[ Info: 757
C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo BUILTIN\Administrators:(M,DC)
                                                        DEBUGGING-AMDCI\None:(RX,WA)
                                                        Everyone:(RX,WA)

Successfully processed 1 files; Failed processing 0 files
Sys.isexecutable(foo) = true
[ Info: 750
C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo BUILTIN\Administrators:(M,DC)
                                                        DEBUGGING-AMDCI\None:(RX,WA)

Successfully processed 1 files; Failed processing 0 files
Sys.isexecutable(foo) = true
[ Info: 600
C:\Users\Administrator\AppData\Local\Temp\jl_3cqGE6\foo BUILTIN\Administrators:(R,W,D,DC)

Successfully processed 1 files; Failed processing 0 files
Sys.isexecutable(foo) = false

@vtjnash
Copy link
Member

vtjnash commented Oct 19, 2022

CI is unhappy with this currently:

D:\a\libuv\libuv\src\win\fs.c(2448,3): warning C4013: 'build_access_struct' undefined; assuming extern returning int D:\a\libuv\libuv\src\win\fs.c(2518,37): error C2065: 'S_IWUSR': undeclared identifier D:\a\libuv\libuv\src\win\fs.c(2518,47): error C2065: 'S_IWGRP': undeclared identifier D:\a\libuv\libuv\src\win\fs.c(2518,56): error C2065: 'S_IWOTH': undeclared identifier D:\a\libuv\libuv\src\win\fs.c(2521,37): error C2065: 'S_IWUSR': undeclared identifier D:\a\libuv\libuv\src\win\fs.c(2521,47): error C2065: 'S_IWGRP': undeclared identifier D:\a\libuv\libuv\src\win\fs.c(2521,56): error C2065: 'S_IWOTH': undeclared identifier

@vtjnash
Copy link
Member

vtjnash commented Oct 21, 2022

we can merge once CI passes

@staticfloat
Copy link
Member Author

I can't tell if CI is passing 😅

@vtjnash
Copy link
Member

vtjnash commented Nov 30, 2022

Fair point, but let's say at least "builds" even if it does not then pass all tests

@staticfloat
Copy link
Member Author

It does build on our windows CI machines, which is where I tested it. What build status should I pay attention to here that says it doesn't build?

@vtjnash
Copy link
Member

vtjnash commented Dec 1, 2022

The console here for GitHub actions splits up the jobs by stage. FWIW, it is an MSVC thing, probably where the definitions are supposed to have a leading _ but where mingw-w64 adds extra ones without the underscore for simplicity

@staticfloat
Copy link
Member Author

I tried using _mode_t, but it doesn't know that one either. I decided to just use DWORD, since this variable is completely of our own construction anyway.

@vtjnash
Copy link
Member

vtjnash commented Jan 11, 2023

still failing CI

D:\a\libuv\libuv\src\win\fs.c(2432,41): error C2065: 'S_IRWXU': undeclared identifier [D:\a\libuv\libuv\build\uv.vcxproj]
[104](https://github.com/JuliaLang/libuv/actions/runs/3621315770/jobs/6104606485#step:4:105)

@staticfloat
Copy link
Member Author

Hmmm, should I #define those if they're missing?

@vtjnash
Copy link
Member

vtjnash commented Jan 12, 2023

yep

@vtjnash
Copy link
Member

vtjnash commented May 23, 2023

bump?

staticfloat and others added 5 commits May 23, 2023 14:22
No longer shy away from using `AccessCheck()` for simple `W_OK`/`R_OK`
checks; use it for all calls unconditionally.
Because our ACL implementation does not have the required flexibility to
represent situations such as `0o757` due to the permissions ordering
that Windows naturally applies, we simply do not allow the `other`
entity to have permissions that the `group` entity does not have.  This
causes `chmod(0o757)` to be transparently mapped to `chmod(0o755)`, as
an example.
Previously, we would apply permissions only to groups that we were a
part of, but we should apply our "other" permissions to groups that we
are not a part of.
It's not needed to use `mode_t` here, and it just confuses VS.
@vtjnash
Copy link
Member

vtjnash commented Feb 9, 2024

bump?

1 similar comment
@vtjnash
Copy link
Member

vtjnash commented Jan 17, 2025

bump?

@staticfloat
Copy link
Member Author

What more needs to be done here? I #define'd the missing symbols, correct?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants