GNU bug report logs - #41218
26.3; Windows: file-writable-p returns t for a file owned by the Administrators group but not writable by the user, a member of the Administrators group

Previous Next

Package: emacs;

Reported by: "Michael Hoffman" <emacs-hoffman <at> snkmail.com>

Date: Tue, 12 May 2020 21:17:01 UTC

Severity: wishlist

Found in version 26.3

Full log

Message #8 received at 41218 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: "Michael Hoffman" <emacs-hoffman <at> snkmail.com>
Cc: 41218 <at> debbugs.gnu.org
Subject: Re: bug#41218: 26.3;
 Windows: file-writable-p returns t for a file owned by the
 Administrators group but not writable by the user, a member of the
 Administrators group
Date: Wed, 13 May 2020 17:25:23 +0300

severity 41218 wishlist
thanks

> From: "Michael Hoffman" <emacs-hoffman <at> snkmail.com>
> Date: Tue, 12 May 2020 16:30:48 -0400
> 
> 1. Start elevated Powershell (Win+X,A) and create file C:\foo.txt owned by the Administrators group
> 
> PS C:\> $null > C:\foo.txt
> PS C:\> takeown /A /F C:\foo.txt
> 
> SUCCESS: The file (or folder): "C:\foo.txt" now owned by the administrators group.
> 
> 2. Open `emacs -Q`
> 
> 3. C-x C-f C:/foo.txt
> 
> 4. Type `(file-writable-p "foo.txt")` C-x C-e
> t
> 
> 5. C-x C-s
> Saving file c:/foo.txt...
> Cannot write backup file; backing up in ~/.emacs.d/%backup%~
> Error: (file-error "Setting ACL" "Operation not permitted" "c:/Users/mhoffman/.emacs.d/%backup%~")
> basic-save-buffer-2: Opening output file: Permission denied, c:/foo.txt
> 
> Expected that `(file-writable-p "foo.txt")` would return nil.

Emacs on MS-Windows doesn't check the ACLs when it determines whether
a file is writable.  The reason is that there doesn't seem to be a
general reliable way of doing so, given that access rights on Windows
are many times implicitly given because the user belongs to some group
that is granted access.  Basically, the only reliable way of making
sure the file is writable is to try writing to it; any other kind of
test I know of is plagued with false negatives, i.e. they frequently
tell the file is not writable when in fact it is, which I consider a
greater evil than the kind of problem you report.  And the fact that
one normally needs to jump through hoops (elevating your session,
using tools that make the file explicitly owned by a privileged group,
etc.) to create such a situation on Windows is one more reason not to
bother about this too much.  IOW, the situation is rare.

Of course, if someone can explain how to perform this test in a way
that takes ACLs into account and would be reliable, we could consider
implementing it (assuming it isn't too expensive, since such a test
will have to be performed each time a user saves a buffer to its
file).

Thanks.
This bug report was last modified 5 years and 39 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.