Aucbvax.4478
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Thu Oct 15 23:45:30 1981
setuid and access
>From CSL.JLH.MOGUL@SU-SCORE Thu Oct 15 21:26:06 1981
   To add another tangent to this whole discussion, I would
like to see a new flavor of access(2), e.g.,

accessU(name, mode, newuid)	/* the name is negotiable */

which works just like access(), except that it is interpreted
as "if I were to setuid(newuid), what would access(name,mode)
return?"
    The application I have in mind is a network file server
that runs as root (so that it can access all files), but
(after doing password validation) wants to  allow only "proper"
access.  We don't want to do forks all over the place (for
complex reasons which I cannot defend here), and so we are
stuck (we've got a solution, but it is grossly inefficient.)
An "unsetuid()" to return to root access rights would suffice,
but the new flavor of access more directly expresses our intent.

Has anyone done something like this?  Comments?
-------