From d5c8f4594965a4760d63d4985e0f648b592e893e Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@altlinux.org>
Date: Thu, 17 Sep 2009 22:35:13 +0000
Subject: [PATCH] find_one_file: Remove unreliable and redundant access(2)
 directory check

From one side, access(2) is not reliable by definition.  According to
specification, access(2) uses process's real UID and GID instead of
effective IDs, and it ignores process capabilities.  Consequently,
privileged process with unprivileged real IDs cannot use access(2) to
check its access to files.

From another side, the access(2) directory check looks redundant
because the directory is opened right below using opendir(3).
---
 bacula/src/findlib/find_one.c | 18 ------------------
 1 file changed, 18 deletions(-)

diff --git a/bacula/src/findlib/find_one.c b/bacula/src/findlib/find_one.c
index 36cfa6c8b8..2e63855e1c 100644
--- a/bacula/src/findlib/find_one.c
+++ b/bacula/src/findlib/find_one.c
@@ -558,24 +558,6 @@ find_one_file(JCR *jcr, FF_PKT *ff_pkt,
       bool recurse = true;
       bool volhas_attrlist = ff_pkt->volhas_attrlist;    /* Remember this if we recurse */
 
-      /*
-       * If we are using Win32 (non-portable) backup API, don't check
-       *  access as everything is more complicated, and
-       *  in principle, we should be able to access everything.
-       */
-      if (!have_win32_api() || (ff_pkt->flags & FO_PORTABLE)) {
-         if (access(fname, R_OK) == -1 && geteuid() != 0) {
-            /* Could not access() directory */
-            ff_pkt->type = FT_NOACCESS;
-            ff_pkt->ff_errno = errno;
-            rtn_stat = handle_file(jcr, ff_pkt, top_level);
-            if (ff_pkt->linked) {
-               ff_pkt->linked->FileIndex = ff_pkt->FileIndex;
-            }
-            return rtn_stat;
-         }
-      }
-
       /*
        * Ignore this directory and everything below if the file .nobackup
        * (or what is defined for IgnoreDir in this fileset) exists
-- 
2.39.5