From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Thien-Thi Nguyen Newsgroups: gmane.lisp.guile.devel Subject: Re: port-filename and path canonicalization Date: Wed, 21 Apr 2010 21:16:30 +0200 Message-ID: <87aaswd3ap.fsf@ambire.localdomain> References: <878w8jyr3w.fsf@gnu.org> <87tyr69xyt.fsf@ambire.localdomain> <87mxwxjim6.fsf@gnu.org> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Trace: dough.gmane.org 1271880182 27557 80.91.229.12 (21 Apr 2010 20:03:02 GMT) X-Complaints-To: usenet@dough.gmane.org NNTP-Posting-Date: Wed, 21 Apr 2010 20:03:02 +0000 (UTC) To: guile-devel@gnu.org Original-X-From: guile-devel-bounces+guile-devel=m.gmane.org@gnu.org Wed Apr 21 22:03:00 2010 connect(): No such file or directory Return-path: Envelope-to: guile-devel@m.gmane.org Original-Received: from lists.gnu.org ([199.232.76.165]) by lo.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1O4g8R-0003gr-HR for guile-devel@m.gmane.org; Wed, 21 Apr 2010 22:02:59 +0200 Original-Received: from localhost ([127.0.0.1]:48804 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1O4g8R-0000Gl-0u for guile-devel@m.gmane.org; Wed, 21 Apr 2010 16:02:59 -0400 Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1O4g7i-00089o-Gt for guile-devel@gnu.org; Wed, 21 Apr 2010 16:02:14 -0400 Original-Received: from [140.186.70.92] (port=59656 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1O4g7g-00088K-Gq for guile-devel@gnu.org; Wed, 21 Apr 2010 16:02:13 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69) (envelope-from ) id 1O4g7e-00065w-Iy for guile-devel@gnu.org; Wed, 21 Apr 2010 16:02:12 -0400 Original-Received: from host110-66-dynamic.4-87-r.retail.telecomitalia.it ([87.4.66.110]:37572 helo=ambire.localdomain) by eggs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1O4g7e-00065r-B4 for guile-devel@gnu.org; Wed, 21 Apr 2010 16:02:10 -0400 Original-Received: from ttn by ambire.localdomain with local (Exim 4.63) (envelope-from ) id 1O4fPS-0000LF-Gp for guile-devel@gnu.org; Wed, 21 Apr 2010 21:16:30 +0200 In-Reply-To: <87mxwxjim6.fsf@gnu.org> ("Ludovic =?utf-8?Q?Court=C3=A8s=22'?= =?utf-8?Q?s?= message of "Wed, 21 Apr 2010 10:49:05 +0200") User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.91 (gnu/linux) X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-BeenThere: guile-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Developers list for Guile, the GNU extensibility library" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Original-Sender: guile-devel-bounces+guile-devel=m.gmane.org@gnu.org Errors-To: guile-devel-bounces+guile-devel=m.gmane.org@gnu.org Xref: news.gmane.org gmane.lisp.guile.devel:10279 Archived-At: () ludo@gnu.org (Ludovic Court=C3=A8s) () Wed, 21 Apr 2010 10:49:05 +0200 I think open file ports shouldn=E2=80=99t grant any authority beyond access to the open file. Just like an open file descriptor doesn=E2=80=99t convey any authority beyond access to the underlying file (if we omit =E2=80=98..=E2=80=99 lookups on a directory file descri= ptor with openat(3)). I agree (and was about to cite openat(3) et al -- glad you beat me to it!), but that's neither here nor there: Whether or not the authority associated with the containing directory is user-visible is a design detail of the directory object. (More information need not imply more access.) That is, if a file port supports =E2=80=98file-port-directory=E2=80=99, the= n how to use/restrict the resulting object is left up to higher layers, where it belongs. Reifying directories is good for both security and efficiency. Why chase symlinks and {l}stat(2) more than necessary? thi