Re: access / eaccess
Re: access / eaccess
- Subject: Re: access / eaccess
- From: Terry Lambert <email@hidden>
- Date: Tue, 24 Mar 2009 15:10:52 -0700
On Mar 24, 2009, at 4:48 AM, Stéphane Sudre wrote:
Is there an equivalent to the eaccess function in Darwin?
Generally, no, since it's not really a useful operation, which is why
it's not part of the POSIX standard. It will also opt you out of
directory services support for more than 16 groups
You can emulate it on Leopard or later -- assuming you use the POSIX
compilation environment, which, since it supports POSIX saved IDs,
allows toggling real/effective -- with:
int
eaccess(const char *path, int mode)
{
uid_t ruid, euid;
gid_t rgid, egid;
int rv;
int done = 0;
ruid = getuid();
euid = geteuid();
rgid = getgid();
egid = getegid();
if (!setregid(egid, rgid)) {
if (!setreuid(euid, ruid)) {
rv = access(path, mode);
done = 1;
setreuid(ruid, euid));
}
setregid(rgid, egid);
}
/* fall back */
if (!done)
rv = access(path, mode);
return(rv);
}
...of course, this wouldn't be thread safe, but then neither is any
operation that depends on switching IDs after successfully
preflighting with an eaccess system call anyway, and preflighting
won't guarantee against a future failure in any case, since rights can
change between the time you start the preflight and the time you
actually attempt the operation, given that access and subsequent
operations can't really be made transactional without changing all the
network file system protocols out there, and almost all of the
filesystems themselves.
The best policy is to try to do something, and if it fails, report the
error.
-- Terry _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden