From b6d3cb543c2e91aa6820cde637db55ad1cee525f Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Mon, 4 May 2015 07:52:27 -0400 Subject: [PATCH] RT1369: don't do "helpful" access check. Don't do access check on destination directory; it breaks when euid/egid is different from real uid/gid. Reviewed-by: Richard Levitte Signed-off-by: Rich Salz --- apps/ca.c | 21 +++++---------------- 1 file changed, 5 insertions(+), 16 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index 2f43a9bc7f..b6cf47f0f2 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -703,24 +703,13 @@ end_of_options: #ifndef OPENSSL_SYS_VMS /* * outdir is a directory spec, but access() for VMS demands a - * filename. In any case, stat(), below, will catch the problem if - * outdir is not a directory spec, and the fopen() or open() will - * catch an error if there is no write access. - * - * Presumably, this problem could also be solved by using the DEC C - * routines to convert the directory syntax to Unixly, and give that - * to access(). However, time's too short to do that just now. + * filename. We could use the DEC C routine to convert the + * directory syntax to Unixly, and give that to app_isdir, + * but for now the fopen will catch the error if it's not a + * directory */ - if (app_access(outdir, R_OK | W_OK | X_OK) != 0) - { - BIO_printf(bio_err, "I am unable to access the %s directory\n", - outdir); - perror(outdir); - goto end; - } - if (app_isdir(outdir) <= 0) { - BIO_printf(bio_err, "%s need to be a directory\n", outdir); + BIO_printf(bio_err, "%s: %s is not a directory\n", prog, outdir); perror(outdir); goto end; } -- 2.25.1