home *** CD-ROM | disk | FTP | other *** search
- From: itschere@techfak.uni-bielefeld.de
- Subject: Re: bug in mintlib44's access() function
- Date: Mon, 20 Jun 94 12:00:26 MET DST
- In-Reply-To: <9406191508.AA01338@pfsparc02.phil15.uni-sb.de>; from "Benjamin Lorenz" at Jun 19, 94 05:08:27 pm
-
- > That's ok! Here is the Sun-Manpage:
- >
- > The real user ID and the supplementary group IDs (including
- > the real group ID) are used in verifying permission, so this
- > call is useful to set-UID programs.
-
- Hmm, looks like what you say is right, speaking in terms of correctness
- of the text in the manpage, but: If this really is the definition of this
- function, then it does *not* do what it name promises me! All other parts
- in the kernel use effective id's to determine anything. So if this function
- tells me I can access a file, it will be true. But the negation of that
- mustn't necessarily also be true: If this function tells me I'm *not*
- allowed to access a file, I *may* in fact perhaps be allowed to, and thus,
- there's no point in calling this functions in the first place. Just open
- the file and see if it works...
-
- In other terms: I was writing a set-GID program (a better `write') which
- wanted to check if it is allowed to write to a tty. Tty's have the 'tty'
- group and `write' was set to have a set-GID of 'tty', but the real one is
- your one, and with *this* gid it is *never* allowed to write to a terminal,
- according to access().
-
- So where's the point of this function?
-
- ciao,
- TeSche
- --
- Torsten Scherer (Schiller, TeSche...)
- Faculty of Technology, University of Bielefeld, Germany, Europe, Earth...
- | Use any of "finger itschere@129.70.131 |
- | Last updated: 14. April 1994 |
-
