Bug 23990

Summary: access(2) system call reports an immutable file as writable
Product: Base System Reporter: jau
Component: kernAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description jau 2001-01-01 12:10:01 UTC 
The access(2) system call reports an immutable file as writable
though the reasonable approach would be to report "not writable".

This is a problem for programs that rely on accept(2) providing
them correct information about the accessibilty of files.
Especially when someone wants to quickly review one's files'
accessibility with a program like access(1) the current behaviour
produces misleading results and is logically in contradiction with
reporting files on read-only mounted file systems as "not writable".

Currently the only way to really know whether writing is OK or not
is by trying to open the file for writing.

Fix: 

Should be relatively straight forward by adding
a VOP_GETATTR(vp, &va, p->p_ucred, p) call and
(va.va_flags & IMMUTABLE) test to access(2).
How-To-Repeat: # touch testfile
# chflags uchg testfile
# access -w testfile
Comment 1 dhagan 2001-01-03 21:36:02 UTC 
temp.c ----
#include <unistd.h>
main() {
  printf("%d\n", access("blah", W_OK));
}
-----> compiled into a.out

% touch blah
% chflags uchg blah
% ls -lo
-rw-------  1 dhagan  dhagan  uchg    0 Jan  3 16:30 blah
% ./a.out 
-1
% chflags nouchg blah
% ./a.out
0

Seems to work ok to me.  Maybe this was a problem in 3.5.1.  I'd try
upgrading to the 4.x branch.

Daniel
Comment 2 mpp freebsd_committer freebsd_triage 2001-03-23 23:25:52 UTC 
State Changed
From-To: open->closed

I've verified that the access(2) system call returns the correct value 
when testing if immutable files can be written.  I tested on 4.0,  
4.2-stable, and 5.0-current.   

I think you may not have been confused about how the "access" command  
was working (the one I've got on my system was installed as part of the  
teTeX port).  It appears to just be a very stripped down version of 
the "test" command.  Here is output from a session: 

Script started on Fri Mar 23 17:19:33 2001 
acme 1%	touch testfile 
acme 2%	access -w testfile 
acme 3%	echo $status 
0 
acme 4%	chflags uchg testfile 
acme 5%	access -w testfile 
acme 6%	echo $status 
1 
acme 7%	exit 
exit 

Script done on Fri Mar 23 17:20:04 2001 

Note that the command doesn't output any messages if access to the 
file is not allowed.