Eric Paris wrote: > If a process calls access("/etc/shadow", R_OK) I claim > that we darn sure better return the same result that open("/etc/shadow", > O_RDONLY) would return. I'm guessing noone is going to argue that > point. This is actually wrong in general - and I see that several posters have repeated it as if it's a fact. Since the days prior to the new-fangled security models, access() is supposed to calculate access for the _real_ user and group of the process doing the access, whereas open() uses the _effective_ user and group. It is one of the things access() is useful for, in setuid/setgid programs. It should be quite obvious that there are corresponding concepts in modern security models, such as delegated authority, capabilities etc. which possibly ought to apply to access(), and which possibly affect how it's audited. -- Jamie -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html