Xref: utzoo comp.unix.questions:6475 comp.unix.wizards:7639
Path: utzoo!mnetor!uunet!oddjob!ncar!gatech!mcnc!decvax!mandrill!hal!ncoast!allbery
From: allbery@ncoast.UUCP (Brandon Allbery)
Newsgroups: comp.unix.questions,comp.unix.wizards
Subject: Re: [braindamaged?] use of access(2) -- long note
Message-ID: <7591@ncoast.UUCP>
Date: 5 Apr 88 22:03:15 GMT
References: <59@vsi.UUCP> <1056@stratus.UUCP> <70@vsi.UUCP> <305@wsccs.UUCP> <393@vsi.UUCP> <368@wsccs.UUCP>
Reply-To: allbery@ncoast.UUCP (Brandon Allbery)
Followup-To: comp.lang.c
Distribution: comp
Organization: Cleveland Public Access UN*X, Cleveland, Oh
Lines: 24

As quoted from <368@wsccs.UUCP> by terry@wsccs.UUCP (terry):
+---------------
| Steven, the access() function is supposed to check using the real user and
| group ID's.  This makes it do what it is documented as doing, ie: finding
| out if you have access, NOT if who you are effectively has access.
| 
| The process by which an exec() works is exactly that by which my example works;
| your euid and egid become your uid and gid.
| 
| > The difficulty is because the shell probably uses access(2) to see if
| > /usr/acct/bin/report is executable
| 
| It does.  Isn't that what it's supposed to do?
+---------------

Whoa!  exec() preserves uid/gid/euid/egid -- it does NOT set the uid to the
euid, or we'd have some massive secuity holes about (consider /bin/mkdir on
pre-4.2/SVR3 systems).

sh uses access()?  Since the real and effective u/gids are not affected by
an exec(), access() is the *wrong* function to use.
-- 
	      Brandon S. Allbery, moderator of comp.sources.misc
       {well!hoptoad,uunet!hnsurg3,cbosgd,sun!mandrill}!ncoast!allbery