Harald Kirsch wrote:
> The point is that on all other *nixes (as reported in the Tcl-newsgroup)
> the behaviour is different. getcwd does return `permission denied' if
> the x-flag of the current dir or any of its parents is not present.
This is an artifact of the pathname resolution scheme differences
between small memory oriented Unix and large memory oriented Linux.
In the Unix namei and vnode schemes only information required to get
the next component looked up is retained at each step. When the
lookup is complete you have the information about the terminal object,
and that's it. In the Linux scheme, the entire path is retained. The
getcwd system call is trivial in Linux. It would be very difficult
on a Unix scheme.
In the Unix scheme getcwd is a set of directory lookups. On Linux,
it's a simple fetch of a process attribute. From the viewpoint of
a security policy, either is satisfactory.
As an aside, the Linux scheme make security audit much easier. I
like it.
--Casey Schaufler Manager, Trust Technology, SGI casey@sgi.com voice: (650) 933-1634
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue Feb 29 2000 - 21:00:10 EST