Re: if file exist - David Thompson

comp.lang.ada
 help / color / mirror / Atom feed

From: "David Thompson" <david.thompson1@worldnet.att.net>
Subject: Re: if file exist
Date: Mon, 07 Oct 2002 05:42:36 GMT
Date: 2002-10-07T05:42:36+00:00	[thread overview]
Message-ID: <g99o9.6469$k_2.489840@bgtnsc05-news.ops.worldnet.att.net> (raw)
In-Reply-To: 3D94D418.5010604@attbi.com

Mark Biggar <mark.a.biggar@attbi.com> wrote :
> steve_H wrote:
...
> > But the above is not logical. If your function return FALSE, then one
> > does not know if this means the file actually does not exist, or that
> > the function was not able to determine if it exist or not becuase of
> > permission issues.  The user might want to know this.
>
> No, from a computer security point of view, this is exactly what is
> wanted.  A user should see absolutely no difference between "file does
> not exist" and "you don't have permission to see the file".  Otherwise,
> you have introduced a covert information channel.
>
First this only matters if you want/need nondiscretionary controls.
Second it is OK if the third state is not specifically 'file exists but
you don't have access' but rather 'I won't say if the file exists'* --
as in Multics' most-frequent and perhaps most-annoying error
code/message "Insufficient access to return any information".

* assuming there isn't an observable timing difference either

--
- David.Thompson 1 now at worldnet.att.net

next prev parent reply	other threads:[~2002-10-07  5:42 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <mailman.1032687678.1150.comp.lang.ada@ada.eu.org>
2002-09-22  9:58 ` if file exist Preben Randhol
2002-09-22 19:25   ` Keith Thompson
2002-09-22 11:26 ` Dale Stanbrough
2002-09-22 14:45   ` Simon Wright
2002-09-22 17:24     ` Frank J. Lhota
2002-09-22 19:24     ` Keith Thompson
2002-09-22 22:20     ` Dale Stanbrough
2002-09-23  5:14       ` Simon Wright
2002-09-23 12:38         ` Larry Kilgallen
2002-09-26  0:39           ` Nick Roberts
2002-09-26 16:48             ` Warren W. Gay VE3WWG
2002-09-26 22:14               ` Robert A Duff
2002-09-27 10:47                 ` steve_H
2002-09-27 14:01                   ` Robert A Duff
2002-09-27 18:43                   ` Randy Brukardt
2002-09-28  1:17                     ` Keith Thompson
2002-09-28 13:04                       ` Marin David Condic
2002-09-29  4:50                         ` Keith Thompson
2002-09-29  5:13                           ` Christopher Browne
2002-09-27 21:59                   ` Mark Biggar
2002-09-27 23:09                     ` Larry Kilgallen
2002-10-04 20:56                     ` Stefan Skoglund
2002-10-05 13:59                       ` Robert A Duff
2002-10-06 20:35                         ` Keith Thompson
2002-10-07  0:34                       ` Robert A Duff
2002-10-07  5:42                     ` David Thompson [this message]
2002-10-13 17:05                       ` Larry Kilgallen
2002-10-21  2:17                         ` David Thompson
2002-09-22 11:55 ` Per Sandbergs
2002-09-22 22:29 ` SteveD
2002-09-23  1:53   ` if_file_exist : it's working thankyou all! Dominic D'Apice
2002-09-23  5:25     ` Simon Wright
2002-09-23 23:59       ` Dominic D'Apice
2002-09-25 19:13         ` Simon Wright

replies disabled

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox