
rm doesn't handle restrictive permissions #47650

@maleadt


MWE:

# Reproducer: recursive removal of a tree that contains a write-only directory.
mkpath("/tmp/work/work")
chmod("/tmp/work/work", 0o200)  # 0o200 = owner write only: no read or search bit on the inner directory
rm("/tmp/work"; recursive=true)  # fails in readdir on the inner directory with EACCES (see the trace that follows)

... this throws:

ERROR: LoadError: IOError: readdir("/tmp/work/work"): permission denied (EACCES)
Stacktrace:
 [1] uv_error
   @ ./libuv.jl:97 [inlined]
 [2] readdir(dir::String; join::Bool, sort::Bool)
   @ Base.Filesystem ./file.jl:865
 [3] readdir
   @ ./file.jl:858 [inlined]
 [4] rm(path::String; force::Bool, recursive::Bool)
   @ Base.Filesystem ./file.jl:293
 [5] rm(path::String; force::Bool, recursive::Bool)
   @ Base.Filesystem ./file.jl:294
 [6] top-level scope
   @ /tmp/wip.jl:4
in expression starting at /tmp/wip.jl:4

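... whereas the command-line rm -r just works. It also gets EACCES when it tries to open the inner directory, but it then removes that directory directly with unlinkat(AT_REMOVEDIR), which succeeds because the directory is empty: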

execve("/usr/bin/rm", ["rm", "-r", "/tmp/work"], 0x7fff236280e0 /* 59 vars */) = 0
...
newfstatat(4, "work", {st_mode=S_IFDIR|0200, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
openat(4, "work", O_RDONLY|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW|O_DIRECTORY) = -1 EACCES (Permission denied)
newfstatat(4, "work", {st_mode=S_IFDIR|0200, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
faccessat2(4, "work", W_OK, AT_EACCESS) = 0
openat(4, "work", O_RDONLY|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW|O_CLOEXEC|O_DIRECTORY) = -1 EACCES (Permission denied)
newfstatat(4, "work", {st_mode=S_IFDIR|0200, st_size=40, ...}, AT_SYMLINK_NOFOLLOW) = 0
faccessat2(4, "work", W_OK, AT_EACCESS) = 0
unlinkat(4, "work", AT_REMOVEDIR)       = 0
close(4)                                = 0

Setting force=true "fixes" this, but that shouldn't be required (the command-line rm doesn't need it), and it also doesn't help when rm is invoked from, say, the mktempdir clean-up handler:

# Same layout inside a temporary directory, so the removal is done by mktempdir's own cleanup.
mktempdir() do dir
    mkpath("$dir/work/work")
    chmod("$dir/work/work", 0o200)  # write-only inner directory, as in the MWE above
    # On exit from this block mktempdir calls rm on `dir`; the readdir failure then
    # shows up as the logged "mktempdir cleanup" error below.
    # NOTE(review): the temporary tree is presumably left on disk when cleanup fails — confirm.
end
┌ Error: mktempdir cleanup
│   exception =
│    IOError: readdir("/tmp/jl_paLsYX/work/work"): permission denied (EACCES)
│    Stacktrace:
│      [1] uv_error
│        @ ./libuv.jl:97 [inlined]
│      [2] readdir(dir::String; join::Bool, sort::Bool)
│        @ Base.Filesystem ./file.jl:865
│      [3] readdir
│        @ ./file.jl:858 [inlined]
│      [4] rm(path::String; force::Bool, recursive::Bool)
│        @ Base.Filesystem ./file.jl:293
│      [5] rm(path::String; force::Bool, recursive::Bool) (repeats 2 times)
│        @ Base.Filesystem ./file.jl:294
│      [6] mktempdir(fn::var"#2#3", parent::String; prefix::String)
│        @ Base.Filesystem ./file.jl:769
│      [7] mktempdir(fn::Function, parent::String) (repeats 2 times)
│        @ Base.Filesystem ./file.jl:760
│      [8] top-level scope
│        @ /tmp/wip.jl:2
│      [9] include(mod::Module, _path::String)
│        @ Base ./Base.jl:419
│     [10] exec_options(opts::Base.JLOptions)
│        @ Base ./client.jl:303
│     [11] _start()
│        @ Base ./client.jl:522
└ @ Base.Filesystem file.jl:772

Files like this do exist in the wild; work/work here is similar to what overlayfs mounts create (albeit with an even more restrictive chmod of 000, which I didn't use here because it makes rm prompt for confirmation).


    Labels

    bug (indicates an unexpected problem or unintended behavior); filesystem (underlying file system and functions that use it)
