It is absolutely invalid practice to test 'prot' bits to determine if a

  file is readable.  The only acceptable means of testing readability is to
  open it for reading, due to discrepancies between permissions, DACLs and
  SACLS.  Even Linux hackers are gonna need to learn that lesson if they
  plan to do any DOD or Gov work once DACL-enhanced Linux is adopted.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@91516 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/ssl_engine_pphrase.c b/ssl_engine_pphrase.c
index 650edc2f88e3958def6c6ef3674a2439103bc846..ddb693a7e5f21d7d7f9784c90aef5b5d1a00afae 100644 (file)
--- a/ssl_engine_pphrase.c
+++ b/ssl_engine_pphrase.c
@@ -69,13 +69,21 @@
 
 static apr_status_t exists_and_readable(char *fname, apr_pool_t *pool)
 {
+    apr_status_t stat;
     apr_finfo_t sbuf;
+    apr_file_t *fd;
 
-    if ( apr_stat(&sbuf, fname, APR_FINFO_NORM, pool) != APR_SUCCESS )
-        return APR_ENOSTAT;
+    if ((stat = apr_stat(&sbuf, fname, APR_FINFO_MIN, pool)) != APR_SUCCESS)
+        return stat;
 
-    return ( ((sbuf.filetype == APR_REG) && (sbuf.protection & APR_UREAD)) ?
-                   APR_SUCCESS : APR_EGENERAL);
+    if (sbuf.filetype != APR_REG)
+        return APR_EGENERAL;
+
+    if ((stat = apr_file_open(&fd, fname, APR_READ, 0, pool)) != APR_SUCCESS)
+        return stat;
+
+    apr_file_close(fd);
+    return APR_SUCCESS;
 }
 
 /*  _________________________________________________________________