On Tue, Jun 3, 2008 at 1:30 PM, Jamie Lokier <jamie@xxxxxxxxxxxxx> wrote: > Michael Kerrisk wrote: >> > FWIW, I very much doubt that you are right wrt required >> > permissions, though. AFAICS, intent here is "if you can write to >> > file, you can touch the timestamps anyway" and having descriptor >> > opened for write gives that, current permissions be damned. >> >> The standard is pretty clear on this point: >> >> [[ >> Only a process with the effective user ID equal to the user ID of the >> file, or with write access to the file, or with appropriate privileges >> may use futimens( ) or utimensat( ) with a null pointer as the times >> argument or with both tv_nsec fields set to the special value >> UTIME_NOW. >> ]] >> >> The crucial words here are "a process ... with write access to the >> file" -- in other words, the permissions are determined by the >> process's credentials, not by the access mode of the file descriptor. >> I was not 100% sure on that to start with, so I did check it out with >> one of the folk at The Open Group, to make sure of my understanding. > > Is there anything else where the file descriptor's access mode allows > doing things on Linux, but the standard requires a permissions check > each time? Jamie, I can't think of examples offhand -- but I'm also not quite sure what your question is about. Could you say a little more? Cheers, Michael -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Found a bug? http://www.kernel.org/doc/man-pages/reporting_bugs.html -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
