Aucbvax.4482
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Thu Oct 15 23:53:48 1981
Re:   virtual access()
>From CSL.JLH.MOGUL@SU-SCORE Thu Oct 15 21:38:44 1981
[Dave Crocker suggests that allowing a non-super-user to
use a "what if I'm uid so-and-so" access() call would be a
security risk.]
I thought this at first, but a proper implementation would
probably return an error if the real (or maybe effective)
uid did not have sufficient access to stat() all the files
along the path.

Obviously, this much could be done by a hairy library routine
anyway.  However, I don't think it makes sense to duplicate
the entire access-rights validation code outside the kernel,
since (1) this is slow, and [much worse] (2) if the kernel's
idea of allowable access changes (e.g., we adopt a bit-encoded
group id), then one MUST make the same changes to the library
routine to maintain proper security.  This is a potentially
error-prone task!
-Jeff
[By the way, my original specification of "accessU(name,mode,uid)"
should really be "accessU(name,mode,uid,gid)" for obvious reasons.]
-------

-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen <[email protected]>
of http://communication.ucsd.edu/A-News/


This Usenet Oldnews Archive
article may be copied and distributed freely, provided:

1. There is no money collected for the text(s) of the articles.

2. The following notice remains appended to each copy:

The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996
Bruce Jones, Henry Spencer, David Wiseman.

You are viewing proxied material from gopher.quux.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.