[OpenAFS-port-darwin] 1.2.10 and patches?

Sebastian Hagedorn Hagedorn@uni-koeln.de
Wed, 27 Aug 2003 17:43:28 +0200


Hi,

--On Montag, 25. August 2003 12:17 Uhr +0200 Ragnar Sundblad=20
<ragge@nada.kth.se> wrote:

> --On den 25 augusti 2003 10:20 +0200 Sebastian Hagedorn
> <Hagedorn@uni-koeln.de> wrote:
>
>>> The Mac OS X high-level APIs use stat() to examine access rights for
>>> files and directories.  It trusts this data, and uses it to determine
>>> the user interface.  For example, if a directory is mode 0, the Finder
>>> will show a lock icon on it, and will not let you open it, even though
>>> AFS will still let you open the directory if you have the proper rights
>>> in the ACL.
>>
>> OK, I understand that. But what would be the alternative? How do other
>> OS's deal with this issue? Should and do they actually try to read or
>> write a file instead of relying on stat()? Doesn't this incur a severe
>> performance penalty?
>
> I believe that the common answer to this is that they should
> use access(2) instead.

hmm, the manpage for that call ends like this:

STANDARDS
     The access() function conforms to ISO/IEC 9945-1:1990 (``POSIX.1'').

CAVEAT
     Access() is a potential security hole and should never be used.

4th Berkeley Distribution        April 1, 1994       4th Berkeley=20
Distribution

I wonder if the CAVEAT has anything to do with the issue?

Does anybody know about Panther? Apparently the packaged version of OpenAFS =

1.2.9 does not run there ...

Cheers, Sebastian Hagedorn
--
Sebastian Hagedorn M.A. - RZKR-R1 (Geb=E4ude 52), Zimmer 18
Zentrum f=FCr angewandte Informatik - Universit=E4tsweiter Service RRZK
Universit=E4t zu K=F6ln / Cologne University - Tel. +49-221-478-5587