Subject: Re: filehandles
To: Jaromir Dolecek <email@example.com>
From: Simon Burge <firstname.lastname@example.org>
Date: 12/06/1999 00:23:54
Jaromir Dolecek wrote:
> Simon Burge wrote:
> > It looks like file handles should be unique (right?) but you can't get
> > a filehandle unless you are root. Is this restriction because of the
> > directory access check bypass? If so maybe when getfh() is run as
> > non-root we could do the full directory access check. Or is there a
> > more sinister reason not to give out file handles to non-root processes?
> The problem here is not getfh(), the problem are the other filehandle
> routines. If you give them any random number as the filehandle, they
> would try to do their staff without any checking if the filehandle
> has been previously returned from getfh() call. So given you know
> the filehandle of the file you want to access, you don't need
> to call getfh() at all - so you can bypass the directory permissions.
I must be missing something really obvious here - don't the other
filehandle routines also require root privs, so it's not as if a
user process can do anything with a filehandle? Why does getting a
filehandle require root as well?