Re: setfsuid() and access() syscall

Matthew Wilcox wrote:
> Why does this fileserver want to use access()?  Why not just open the
> file and report the error if one happens?
Suppose you want to filter a directory and show only the files that the user can access - yes, this can be solved by opening the file/directory, however this seems to me overkill. I have recently been implementing an HTTP file server and I wanted to show slightly different screens if the user has or does not have write access - based on ACL. There is no easy way to do it in a multithreaded application - the access() function does not work. There is a euidaccess()/eaccess() libc function, which is not currently a syscall - it is probably supposed to do the ACL checks in userspace and it doesn't currently support ACLs anyway (NotYetImplemented). But doing ACL checks in userspace is IMO the wrong way to go - the ACL models differ.

(I have since switched to a fork()ed model, but this option might not always be available).

And if I understand it correctly, POSIX says that there is a problem - and it won't be solved... :(

2. The superuser has complete access to all files on a system. As a consequence, programs started by the superuser and switched to the effective user ID with lesser privileges cannot use access() to test their file access permissions. It was also argued that problem (2) is more easily solved by using open() <http://www.opengroup.org/onlinepubs/000095399/functions/open.html>, chdir() <http://www.opengroup.org/onlinepubs/000095399/functions/chdir.html>, or one of the exec <http://www.opengroup.org/onlinepubs/000095399/functions/exec.html> functions as appropriate and responding to the error, rather than creating a new function that would not be as reliable. Therefore, eaccess() is not included in this volume of IEEE Std 1003.1-2001.

Ondrej
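
The open-and-respond-to-the-error approach from the quoted reply and the POSIX rationale, shown next to access() and faccessat() with AT_EACCESS, as an added C example that is not part of the original message. The probe_* function names and the default path are made up for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* access(): checked against the REAL uid/gid, so it gives the wrong answer
 * in a server that only lowered its effective/filesystem IDs. */
int probe_access(const char *path, int want_write)
{
    return access(path, want_write ? W_OK : R_OK) == 0 ? 0 : errno;
}

/* faccessat() with AT_EACCESS: checked against the effective IDs. Where the
 * kernel lacks faccessat2(), glibc emulates the flag and ignores ACLs. */
int probe_eaccess(const char *path, int want_write)
{
    int mode = want_write ? W_OK : R_OK;
    return faccessat(AT_FDCWD, path, mode, AT_EACCESS) == 0 ? 0 : errno;
}

/* Open and report the error: the kernel applies its own permission and ACL
 * model with the credentials of the calling thread. O_NONBLOCK keeps FIFOs
 * and devices from blocking; no O_CREAT or O_TRUNC, so nothing is modified.
 * A write probe on a directory yields EISDIR rather than an access answer. */
int probe_open(const char *path, int want_write)
{
    int flags = (want_write ? O_WRONLY : O_RDONLY)
              | O_NONBLOCK | O_NOCTTY | O_CLOEXEC;
    int fd = open(path, flags);
    if (fd < 0)
        return errno;
    close(fd);
    return 0;
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "/etc/passwd"; /* assumed default */
    for (int w = 0; w <= 1; w++) {
        printf("%s access():  %s\n", w ? "write" : "read ", strerror(probe_access(path, w)));
        printf("%s AT_EACCESS: %s\n", w ? "write" : "read ", strerror(probe_eaccess(path, w)));
        printf("%s open():    %s\n", w ? "write" : "read ", strerror(probe_open(path, w)));
    }
    return 0;
}
```

Any of these probes is only a hint for what to display: the answer can change before the file is actually used, so the real operation still has to handle its own error.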

