[PROPOSAL] extend UNIX_INFO2 to flag extended access controls (take 2)

Steve French smfrench at austin.rr.com
Fri Jan 25 20:50:28 GMT 2008

David Collier-Brown wrote:

> James Peach wrote:
>> On Jan 25, 2008, at 10:09 AM, simo wrote:
>>> Wouldn't it make sense to use an "access" call implemented by CIFS
>>> server instead ?
>> In the long run, we ought to have an access call as well. That's 
>> just  not something I have a detailed proposal for yet.
> the Unix folks rejected it as overly racey, and defined (f)open

The user space access() system call can be racy, so it seems odd to use 
it.  Fortunately the man page notes this:

*"access*() may not work correctly on NFS file systems with UID mapping 
enabled, because UID mapping is done on the server and hidden from the 
client, which checks permissions.   Using *access*() to check if a user 
is authorized to e.g. open a file before actually doing so using /*open 
<http://linux.die.net/man/2/open>*(2)/ creates a security hole, because 
the user might exploit the short time interval between checking and 
opening the file to manipulate it."

The kernel call, which for Linux is called "permission" (which for most 
file systems calls the generic_permission function), is on line 172 and 
following of fs/namei.c and is interesting to examine for the case of a 
network file system.

More information about the samba-technical mailing list