Date: Mon, 31 May 1999 14:14:53 -0500 (CDT) From: Mohit Aron <aron@cs.rice.edu> To: bde@zeta.org.au (Bruce Evans) Cc: freebsd-bugs@freebsd.org, dawes@freebsd.org Subject: Re: kern/11915: access system call says file is readable when its not Message-ID: <199905311914.OAA00734@cs.rice.edu> In-Reply-To: <199905310517.PAA01594@godzilla.zeta.org.au> from "Bruce Evans" at May 31, 99 03:17:45 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > I use the same (NFS) configuration. xterm seems to handle it correctly. > Yep. I suppose someone needs to tell the Eterm folks how to use uids correctly on BSD. They have a special "hack" for Linux (needs to be specially enabled) that makes reading .Xauthority over NFS work. I turned it on for BSD - it didn't work. > Eterm's difficulties show how hard it is to use access(). The usual > trick of swapping the ids is perfectly wrong if access() gets called. > However, the euid must be changed to the ruid for fopen(). > > > For these reasons, I'll argue that access() should behave similarly to > > the fopen() calls. > > This is not an option. POSIX.1 and about 25 years of tradition specify > that access() shall behave unsimilarly to fopen(). > I don't still see why access() needs to differ from fopen(). If setuid programs need to determine whether the real user had access to a particular file, they can simply use setreuid() to make the effective userid to be the real userid and then issue an fopen() or an access() (assuming it conforms to fopen()). Giving different semantics to access() simply creates confusion. It might be tradition but I think there are always times when tradition needs to be changed for the better good. But I guess programs that assume the old semantics of access() would start failing then. Ugh! - Mohit To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199905311914.OAA00734>