Usefulness of access(2) - (nf)
edwards at uiucuxc.UUCP
edwards at uiucuxc.UUCP
Thu Sep 22 13:36:20 AEST 1983
#N:uiucuxc:10900002:000:835
uiucuxc!edwards Sep 2 12:56:00 1983
I would really like to comment on the function access(2). The
manual states that the real user/group id's are used with respect to
which permissions are checked for access to the files/paths. And that
this is useful to set-UID programs.
Well, it really depends on what you're checking. If your
set-UID program wants to do things to privileged areas, then access(2)
is NOT useful for set-UID programs.
For example: If your set-UID program wants to see if a directory
exists in a privileged area (access to set-UIDed program/user only,)
then you can't use access(2) because the real [ug]id of the process
wouldn't have access anyway.
Suggestion: eaccess(2) or equivalent to check for effective id's.
Alan Edwards
University of Illinois @ Urbana-Champaign
(...pur-ee!uiucdcs!uiucuxc!edwards)
More information about the Net.bugs
mailing list