Path: utzoo!mnetor!uunet!nuchat!steve From: steve@nuchat.UUCP (Steve Nuchia) Newsgroups: comp.unix.questions Subject: Re: Why does access(2) use real user and group IDs? Message-ID: <474@nuchat.UUCP> Date: 15 Dec 87 04:46:44 GMT References: <957@woton.UUCP> Organization: Public Access - Houston, Tx Lines: 18 Keywords: System V, access(2), real vs. effective IDs Summary: access(2) and setuid. In article <957@woton.UUCP>, riddle@woton.UUCP (Prentiss Riddle ) writes: > Why is it that in SVR2.1 (and maybe in other Unixes too) the access(2) > function uses the real user ID and group ID instead of the effective > ones? So that setuid programs can test the access permissions of the real user. > Of course, it wouldn't be hard to use stat(2) to write a substitute > routine called "eaccess()" which do the same thing using the effective You can use open or creat to test the efective user's permissions. Access was added so that priveledged programs could check the invoking user's permissions without using a stat kludge. -- Steve Nuchia | [...] but the machine would probably be allowed no mercy. uunet!nuchat!steve | In other words then, if a machine is expected to be (713) 334 6720 | infallible, it cannot be intelligent. - Alan Turing, 1947