[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
doc access?
From: |
Kevin Ryde |
Subject: |
doc access? |
Date: |
Mon, 08 Sep 2003 08:49:12 +1000 |
User-agent: |
Gnus/5.1003 (Gnus v5.10.3) Emacs/21.3 (gnu/linux) |
* posix.texi (File System): In access?, reword a bit, clarify real
versus effective ID handling, add an example of that, and recommend
against access tests in library functions.
- Scheme Procedure: access? path how
- C Function: scm_access (path, how)
Test accessibility of a file under the real UID and GID of the
calling process. The return is `#t' if PATH exists and the
permissions requested by HOW are all allowed, or `#f' if not.
HOW is an integer which can be one of the following or a
bitwise-OR (`logior') of more than one.
- Variable: R_OK
Test for read permission.
- Variable: W_OK
Test for write permission.
- Variable: X_OK
Test for execute permission.
- Variable: F_OK
Test for existence of the file. This is implied by each of
the other tests, so there's no need to combine it with them.
The way the calling process's real ID is used by `access?' means
that a set-UID or set-GID program will test the invoking user's
permissions, rather than anything extra the effective ID might make
possible.
Consider a database import program which is set-UID so it can
write to a shared database. When copying from a file to the
database the set-UID might make it possible to read files the
invoking user cannot normally read. `access?' can be called to
guard against that.
In normal circumstances of course the real and effective IDs are
the same, so `access?' simply indicates what the process will be
able to do.
Most library functions are best off not testing with `access?',
but instead simply attempting their operations. This ensures they
can utilize extra permissions obtained from an effective ID.
- doc access?,
Kevin Ryde <=