[braindamaged?] use of access(2) -- long note
Brandon Allbery
allbery at ncoast.UUCP
Wed Apr 6 08:03:15 AEST 1988
As quoted from <368 at wsccs.UUCP> by terry at wsccs.UUCP (terry):
+---------------
| Steven, the access() function is supposed to check using the real user and
| group ID's. This makes it do what it is documented as doing, ie: finding
| out if you have access, NOT if who you are effectively has access.
|
| The process by which an exec() works is exactly that by which my example works;
| your euid and egid become your uid and gid.
|
| > The difficulty is because the shell probably uses access(2) to see if
| > /usr/acct/bin/report is executable
|
| It does. Isn't that what it's supposed to do?
+---------------
Whoa! exec() preserves uid/gid/euid/egid -- it does NOT set the uid to the
euid, or we'd have some massive secuity holes about (consider /bin/mkdir on
pre-4.2/SVR3 systems).
sh uses access()? Since the real and effective u/gids are not affected by
an exec(), access() is the *wrong* function to use.
--
Brandon S. Allbery, moderator of comp.sources.misc
{well!hoptoad,uunet!hnsurg3,cbosgd,sun!mandrill}!ncoast!allbery
More information about the Comp.unix.questions
mailing list