Aucbvax.4482
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Thu Oct 15 23:53:48 1981
Re: virtual access()
>From CSL.JLH.MOGUL@SU-SCORE Thu Oct 15 21:38:44 1981

[Dave Crocker suggests that allowing a non-super-user to use a
"what if I'm uid so-and-so" access() call would be a security risk.]

I thought this at first, but a proper implementation would probably
return an error if the real (or maybe effective) uid did not have
sufficient access to stat() all the files along the path. Obviously,
this much could be done by a hairy library routine anyway.

However, I don't think it makes sense to duplicate the entire
access-rights validation code outside the kernel, since (1) this
is slow, and [much worse] (2) if the kernel's idea of allowable
access changes (e.g., we adopt a bit-encoded group id), then one
MUST make the same changes to the library routine to maintain
proper security. This is a potentially error-prone task!

-Jeff

[By the way, my original specification of "accessU(name,mode,uid)"
should really be "accessU(name,mode,uid,gid)" for obvious reasons.]

-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen
of http://communication.ucsd.edu/A-News/

This Usenet Oldnews Archive article may be copied and distributed
freely, provided:

1. There is no money collected for the text(s) of the articles.

2. The following notice remains appended to each copy:

The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996
Bruce Jones, Henry Spencer, David Wiseman.