From 4ce97555e48f67e27643f4eb5d8ba6f6e8540bb1 Mon Sep 17 00:00:00 2001 From: BritishTeapot Date: Mon, 24 Mar 2025 17:17:33 +0100 Subject: [PATCH] Fixed a testing bug The script was correctly opening the `truth` file by piping `echo` to it, but then it tried to deny another operation on it. But since pipes are opened by the script process, the permission was given to the script. And since the permissions are preserved for the entire runtime of a process, and child processes inherit permissions of their parents, any command executed later would also have the necessary permissions to open `truth` (which was the case for the second operation). Now the second operation is performed on a different file. --- test/test.bash | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/test/test.bash b/test/test.bash index 5bfbfdf..99bd9dc 100755 --- a/test/test.bash +++ b/test/test.bash @@ -4,7 +4,7 @@ rm -rf ./protected mkdir protected -touch ./protected/do-not-remove ./protected/should-be-removed ./protected/truth ./protected/perm000 ./protected/perm777 ./protected/this-name-is-wrong +touch ./protected/do-not-remove ./protected/should-be-removed ./protected/truth ./protected/perm000 ./protected/perm777 ./protected/should-be-renamed ./protected/do-not-rename chmod 777 ./protected/perm777 ./protected/perm000 echo "Free code, free world." >./protected/motto @@ -70,11 +70,11 @@ rm ./protected/should-be-removed >/dev/null 2>/dev/null && # rename files zenity --set-fake-response no -mv ./protected/truth ./protected/lie 2>/dev/null && +mv ./protected/do-not-rename ./protected/terrible-name 2>/dev/null && echo "[ICFS-TEST]: mv can rename protected/truth despite access being denied!" || echo "[ICFS-TEST]: OK" # EACCESS zenity --set-fake-response yes_tmp -mv ./protected/this-name-is-wrong ./protected/this-name-is-correct 2>/dev/null && +mv ./protected/should-be-renamed ./protected/great-name 2>/dev/null && echo "[ICFS-TEST]: OK" || echo "[ICFS-TEST]: mv cannot rename should-be-removed to renamed-file despite access being permitted!" # OK