Package: emacs;
Reported by: Philip Hodges <philip.hodges <at> bluewin.ch>
Date: Wed, 23 Apr 2014 20:57:03 UTC
Severity: minor
Done: Stefan Kangas <stefan <at> marxist.se>
Bug is archived. No further changes may be made.
View this message in rfc822 format
From: Philip Hodges <philip.hodges <at> bluewin.ch> To: Eli Zaretskii <eliz <at> gnu.org> Cc: rgm <at> gnu.org, 17330 <at> debbugs.gnu.org Subject: bug#17330: files.el cd-absolute overcome false negative from file-executable-p Date: Sun, 11 May 2014 12:46:27 +0200
So I started going through my platform collection setting up smb shares,
so that I can connect to them, and open from native and cygwin builds.
It's harder to provoke a false negative on more recent systems. Usually
it's either no connection at all, because I misconfigured something, or
the owner and group are interpreted as known, resulting in a rash of
positives, a few of which may be false.
Eventually I got a false negative result, sharing from Solaris 11.2.
The credentials given for the network connection are for the owner of
the share, who has full rwx 7 access to all these folders and files.
These messages are from cygwin emacs-w32 24.3.90.1:
; ediff-directories on my 700 and 750 folders *does* work:
Comparing '//192.168.0.18/myshare/smb/700/600' and
'//192.168.0.18/myshare/smb/750/600' modulo 'nil'
Comparing files... Done
; cd to the 700 folder does not, this is clearly a false negative:
cd-absolute: Cannot cd to //192.168.0.18/myshare/smb/700/: Permission
denied
; in a shell cd to the same 700 folder works fine
$ cd //192.168.0.18/myshare/smb/700
$ ls
600 640 644 win
$ icacls .
. S-1-5-32-766:(OI)(CI)(RX,W,WDAC,WO,DC)
S-1-5-32-767:(OI)(CI)(Rc,S,REA,RA)
Everyone:(OI)(CI)(Rc,S,REA,RA)
Successfully processed 1 files; Failed processing 0 files
cygwin emacs-w32 emacs-version "24.3.90.1"
(file-executable-p "//192.168.0.18/myshare/smb/700")
nil
Native builds do not seem to be affected:
native emacs-version "24.3.1"
(file-executable-p "//192.168.0.18/myshare/smb/700")
t
native emacs-version "24.3.90.1"
(file-executable-p "//192.168.0.18/myshare/smb/700")
t
Here are some other unexpected messages encountered on the way in no
particular order. Maybe you can eliminate or mitigate some of them.
The credentials given for the network connection here are for another
user in my group, which causes false positives for 600 and 700 modes,
resulting in noisy messages when it fails to work after all.
I would so much rather put up with messages like these from a false
positive, than be prevented from using the file due to a false negative.
Error reading dir-locals: (file-error "Opening input file" "not a
directory" "//mini2012/smb/640/.dir-locals.el")
; 640 is a regular file, not a directory, but why dir-locals.el ?
Error reading dir-locals: (file-error "Opening input file" "permission
denied" "//mini2012/smb/700/.dir-locals.el")
; 700 is not group read and searchable, but why dir-locals.el ?
Error: (file-error "Searching for program" "no such file or directory"
"bzr")
; why does emacs think I want to use bzr with this file?
Falling back on "slow" status detection ((file-error "Opening input
file" "not a directory" "//mini2012/smb/640/.bzr/checkout/dirstate"))
File exists, but cannot be read
insert-directory: Listing directory failed but `access-file' worked
; which means?
find-file-noselect-1: Wrong type argument: arrayp, nil
I'm having a hard time understanding why you want to put so much faith
in functions that are not reliable now, and will be quite hard or even
genuinely impossible to make reliable in all of quite a large number of
more or less realistic test scenarios.
; What is so wrong with:
(if (guess-this-will-work-p)
(if (try-it-did-it-work-p)
"worked as expected, you got lucky"
"so many messages, how could it possibly not work")
(if (you-want-to-try-it-anyway-be-it-on-your-own-head-p)
(if (try-it-did-it-work-p)
"so many messages: end of world, or never mind?"
"whoo hoo, worked around it, so much for your stupid guess")))
; instead of
(if (guess-this-will-work-p)
(if (try-it-did-it-work-p)
"worked as expected, you got lucky"
"so many messages, how could it possibly not work")
"I will not let you even try, even though I sometimes guess wrong")))
On 2014-05-08 18:18, Eli Zaretskii wrote:
>> Date: Thu, 08 May 2014 07:55:34 +0200
>> From: Philip Hodges <philip.hodges <at> bluewin.ch>
>> CC: rgm <at> gnu.org, 17330 <at> debbugs.gnu.org
>>
>>> I prefer to solve the problem rather than ask users work around it.
>>
>> So when can we reasonably expect a guarantee of no more false negatives
>> for users of 24.3 without having to inspect the fileio.c and files.el
>> and reinvent an undocumented workaround?
>
> Emacs 24.3 was released more than a year ago, so fixing this in that
> version might be possible only by some suitable change to the
> directory's security descriptor outside of Emacs (if such a change is
> possible).
>
> But we can hope to fix this in future versions of Emacs.
>
>> It will be great if you really can *solve* the problem, even just for
>> this one particular scenario. I already suggested a pathological
>> counterexample. Other sources mentioned do indicate that it is
>> impossible to solve it reliably in general. But perhaps it will be
>> enough in practice.
>
> If we understand the problem in enough detail, we might find a
> solution of some sort.
>
>> Only the positive outcome of file-executable-p is documented as "this
>> means you can access files in that directory". The negative outcome is
>> not explicitly documented as meaning you cannot, yet that is how callers
>> are interpreting it. So there is clearly scope for rewriting the
>> documentation and changing the callers' logic to match.
>
> That is a different, although related discussion. Arguably, if a
> directory is not accessible by me, Emacs had better not attempt that,
> even if it might succeed, and instead leave it for the user to fix the
> access rights by other means.
>
> But even if we accept your views on this, it is better to try to solve
> the problem than work around it.
>
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.