• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: rename and POSIX permissions
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rename and POSIX permissions


  • Subject: Re: rename and POSIX permissions
  • From: Terry Lambert <email@hidden>
  • Date: Wed, 22 Oct 2008 10:06:36 -0700

On Oct 22, 2008, at 5:08 AM, Michael Roitzsch <email@hidden> wrote:
As a general rule, count only on the behavior described here:
http://www.opengroup.org/onlinepubs/009695399/functions/rename.html

Thanks for the pointer. I actually have read that and found it not very helpful:
"If the old argument points to the pathname of a directory, write access permission may be required for the directory named by old"

In our current conformance statement, which may be accessed at The Open Group site, we answered the question as to whether write access to the directory being renamed is required "YES".


In general, your code should not rely on implementation details like this for security, since you might take it to another platform which differs in that implementation detail, and then suddenly your code is now insecure.

In other words, it's a portability problem with the code in question.

For local media file systems, this detail of Mac OS X is unlikely to change. The reason for this is that Mac OS X does enforcement of permissions at the VFS layer rather than individual file systems. For network file systems where permissions are enforced on the server (e.g. NFSv4, SMB, AFP, etc.), then the semantics are going to be whatever the server enforces.

So even on Mac OS X, you can only depend on the behaviour within a relatively narrow scope, assuming we don't change our questionairre answer in the next conformance certification cycle (as I said, unlikely, but we won't commit to that as an ongoing semantic).

So bottom line is you should not depend on it in your code if you want your code to be portable to other platforms or work on non-local media FSs, even if you never upgrade your Mac OS X version.

-- Terry
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


  • Follow-Ups:
    • Re: rename and POSIX permissions
      • From: Michael Roitzsch <email@hidden>
References: 
 >rename and POSIX permissions (From: Michael Roitzsch <email@hidden>)
 >Re: rename and POSIX permissions (From: Patrick Rutkowski <email@hidden>)
 >Re: rename and POSIX permissions (From: Michael Roitzsch <email@hidden>)

  • Prev by Date: Re: [syslogd] Performance issue?
  • Next by Date: Re: IOObjectRelease: passing null? threadsafe?
  • Previous by thread: Re: rename and POSIX permissions
  • Next by thread: Re: rename and POSIX permissions
  • Index(es):
    • Date
    • Thread