[braindamaged?] use of access(2)
Chris Torek
chris at mimsy.UUCP
Thu Mar 17 20:47:03 AEST 1988
In article <311 at dcc1.UUCP> douglas at dcc1.UUCP (Douglas B. Jones) writes:
>There has been some talk about the access(2) only working on the real
>uid/gid pair. Two alternate possibilites:
>
>1) have a saccess(2) which will check against setuid/setgid ....
>2) have another routine, call it faccess(2) ...
>
> ret = faccess(file_path,uid,gid);
The whole concept of an `access' system call is a bit goofy, because
it does not account for external events. Consider, e.g.,
time /* prog1 */ time /* prog2 */
t=0 compute(); t=1 status = access(path,...);
t=2 mv(path, newname); t=3 if (status == OK)
operation(path);
prog2 has carefully verified the operation before performing it, yet
it goes awry anyway. Since access() exists for `security' purposes,
but does not fulfill them, it should be reconsidered and probably
removed entirely.
Now, if you want a 99% solution for non-secure programs, that is
another matter entirely.... In most cases it is best to attempt the
operation anyway, and see whether it worked, but a 99% `test this out
now' call could be useful.
--
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain: chris at mimsy.umd.edu Path: uunet!mimsy!chris
More information about the Comp.unix.wizards
mailing list