[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: bug in mintlib44's access() function
> That's ok! Here is the Sun-Manpage:
>
> The real user ID and the supplementary group IDs (including
> the real group ID) are used in verifying permission, so this
> call is useful to set-UID programs.
Hmm, looks like what you say is right, speaking in terms of correctness
of the text in the manpage, but: If this really is the definition of this
function, then it does *not* do what it name promises me! All other parts
in the kernel use effective id's to determine anything. So if this function
tells me I can access a file, it will be true. But the negation of that
mustn't necessarily also be true: If this function tells me I'm *not*
allowed to access a file, I *may* in fact perhaps be allowed to, and thus,
there's no point in calling this functions in the first place. Just open
the file and see if it works...
In other terms: I was writing a set-GID program (a better `write') which
wanted to check if it is allowed to write to a tty. Tty's have the 'tty'
group and `write' was set to have a set-GID of 'tty', but the real one is
your one, and with *this* gid it is *never* allowed to write to a terminal,
according to access().
So where's the point of this function?
ciao,
TeSche
--
Torsten Scherer (Schiller, TeSche...)
Faculty of Technology, University of Bielefeld, Germany, Europe, Earth...
| Use any of "finger itschere@129.70.131 |
| Last updated: 14. April 1994 |