[CMake] CTest fails to find test command : bug in use of FileExists() + suggested fix.
Michael Hertling
mhertling at online.de
Wed Aug 18 05:49:25 EDT 2010
On 08/14/2010 11:59 PM, Richard Offer wrote:
>
> One of my test cases needs sudo to run (its listening on privileged ports).
>
>
> If I add
>
> ADD_TEST( SERVER /usr/bin/sudo
> ${CMAKE_RUNTIME_OUTPUT_DIRECTORY}/Server${SUFFIX} --daemon )
>
> CMake complains that it can¹t find sudo.
>
> [ d042 ] make test
> Running tests...
> Test project /Users/richard/BUILD
> Start 1: SERVER
> Could not find executable /usr/bin/sudo
> Looked in the following places:
> /usr/bin/sudo
> /usr/bin/sudo
> /usr/bin/Release/sudo
> /usr/bin/Release/sudo
> /usr/bin/Debug/sudo
> /usr/bin/Debug/sudo
> ...
>
>
> However (on OS X and Linux) sudo is not readable (although it is
> executable).
>
> In Source/CTest/cmCTestTestHandler.cxx (line 1494) you¹re using
> cmSystemTools::FileExists(attempted[ai].c_str() ) to test for the presence
> of the testcase.
>
>
> Looking in Source/kwsys/SystemTools.cxx line 919 shows that on non-Windows
> systems its using access(path, R_OK), which checks to see if the path has
> read permissions.
>
>
> Might I suggest replacing the call to FileExists()
> Source/CTest/cmCTestTestHandler.cxx in with a new test -
> FileIsExecutable() since the only requirement is to be able to execute the
> program, not read it.
Scripts using the kernel's "#!" facility must also be readable, but
ensuring the latter is the administrator's responsibility, of course.
Instead of introducing a new method, one could perhaps consider to add a
further parameter with a default value to the FileExists() methods, e.g.
"int xable=0", and replace "R_OK" by "(xable?X_OK:R_OK)".
As a quick workaround, you could create a script, say "sudo.sh",
containing "/usr/bin/sudo $*" and change your ADD_TEST() to
"ADD_TEST(SERVER sh ${CMAKE_SOURCE_DIR}/sudo.sh ...)".
Besides, I've already seen readable sudo executables on Linux systems,
so I wonder if this is a security issue, i.e. which advantage could
be taken of a readable /usr/bin/sudo by an attacker?
Regards,
Michael
More information about the CMake
mailing list