site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com int eaccess(const char *path, int mode) { uid_t ruid, euid; gid_t rgid, egid; int rv; int done = 0; ruid = getuid(); euid = geteuid(); rgid = getgid(); egid = getegid(); if (!setregid(egid, rgid)) { if (!setreuid(euid, ruid)) { rv = access(path, mode); done = 1; setreuid(ruid, euid)); } setregid(rgid, egid); } /* fall back */ if (!done) rv = access(path, mode); return(rv); } -- Terry _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... On Mar 24, 2009, at 4:48 AM, Stéphane Sudre wrote: Is there an equivalent to the eaccess function in Darwin? Generally, no, since it's not really a useful operation, which is why it's not part of the POSIX standard. It will also opt you out of directory services support for more than 16 groups You can emulate it on Leopard or later -- assuming you use the POSIX compilation environment, which, since it supports POSIX saved IDs, allows toggling real/effective -- with: ...of course, this wouldn't be thread safe, but then neither is any operation that depends on switching IDs after successfully preflighting with an eaccess system call anyway, and preflighting won't guarantee against a future failure in any case, since rights can change between the time you start the preflight and the time you actually attempt the operation, given that access and subsequent operations can't really be made transactional without changing all the network file system protocols out there, and almost all of the filesystems themselves. The best policy is to try to do something, and if it fails, report the error. This email sent to site_archiver@lists.apple.com