Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/3/84; site talcott.UUCP
Path: utzoo!linus!philabs!cmcl2!seismo!harvard!talcott!tmb
From: tmb@talcott.UUCP (Thomas M. Breuel)
Newsgroups: net.unix-wizards
Subject: Re: Re: unix quirks (chmod 000 dir)
Message-ID: <417@talcott.UUCP>
Date: Fri, 19-Apr-85 01:25:03 EST
Article-I.D.: talcott.417
Posted: Fri Apr 19 01:25:03 1985
Date-Received: Sun, 21-Apr-85 02:08:27 EST
References: <9938@brl-tgr.ARPA> <413@leadsv.UUCP>
Organization: Harvard University
Lines: 13

> have permissions is "Permission denied" instead of "no such file or
> directory".  In fact, while this may be clearer to the user, it falls in the
> same general category as not using "Incorrect password" or "Incorrect
> username" for failed logins.  You never want to tell a potential intruder or
> unauthorized user any information which can be used to infer the existence
> or nonexistence of a protected object.

That's hardly an argument. A simple 'ls -l' will reveal the whole truth
to the 'intruder'. I suspect that someone was lazy when writing the code
and inferred from an error return code from 'chdir' that the target does
not exist.

							Thomas.