From: "David Thompson" <david.thompson1@worldnet.att.net>
Subject: Re: if file exist
Date: Mon, 07 Oct 2002 05:42:36 GMT
Date: 2002-10-07T05:42:36+00:00 [thread overview]
Message-ID: <g99o9.6469$k_2.489840@bgtnsc05-news.ops.worldnet.att.net> (raw)
In-Reply-To: 3D94D418.5010604@attbi.com
Mark Biggar <mark.a.biggar@attbi.com> wrote :
> steve_H wrote:
...
> > But the above is not logical. If your function return FALSE, then one
> > does not know if this means the file actually does not exist, or that
> > the function was not able to determine if it exist or not becuase of
> > permission issues. The user might want to know this.
>
> No, from a computer security point of view, this is exactly what is
> wanted. A user should see absolutely no difference between "file does
> not exist" and "you don't have permission to see the file". Otherwise,
> you have introduced a covert information channel.
>
First this only matters if you want/need nondiscretionary controls.
Second it is OK if the third state is not specifically 'file exists but
you don't have access' but rather 'I won't say if the file exists'* --
as in Multics' most-frequent and perhaps most-annoying error
code/message "Insufficient access to return any information".
* assuming there isn't an observable timing difference either
--
- David.Thompson 1 now at worldnet.att.net
next prev parent reply other threads:[~2002-10-07 5:42 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <mailman.1032687678.1150.comp.lang.ada@ada.eu.org>
2002-09-22 9:58 ` if file exist Preben Randhol
2002-09-22 19:25 ` Keith Thompson
2002-09-22 11:26 ` Dale Stanbrough
2002-09-22 14:45 ` Simon Wright
2002-09-22 17:24 ` Frank J. Lhota
2002-09-22 19:24 ` Keith Thompson
2002-09-22 22:20 ` Dale Stanbrough
2002-09-23 5:14 ` Simon Wright
2002-09-23 12:38 ` Larry Kilgallen
2002-09-26 0:39 ` Nick Roberts
2002-09-26 16:48 ` Warren W. Gay VE3WWG
2002-09-26 22:14 ` Robert A Duff
2002-09-27 10:47 ` steve_H
2002-09-27 14:01 ` Robert A Duff
2002-09-27 18:43 ` Randy Brukardt
2002-09-28 1:17 ` Keith Thompson
2002-09-28 13:04 ` Marin David Condic
2002-09-29 4:50 ` Keith Thompson
2002-09-29 5:13 ` Christopher Browne
2002-09-27 21:59 ` Mark Biggar
2002-09-27 23:09 ` Larry Kilgallen
2002-10-04 20:56 ` Stefan Skoglund
2002-10-05 13:59 ` Robert A Duff
2002-10-06 20:35 ` Keith Thompson
2002-10-07 0:34 ` Robert A Duff
2002-10-07 5:42 ` David Thompson [this message]
2002-10-13 17:05 ` Larry Kilgallen
2002-10-21 2:17 ` David Thompson
2002-09-22 11:55 ` Per Sandbergs
2002-09-22 22:29 ` SteveD
2002-09-23 1:53 ` if_file_exist : it's working thankyou all! Dominic D'Apice
2002-09-23 5:25 ` Simon Wright
2002-09-23 23:59 ` Dominic D'Apice
2002-09-25 19:13 ` Simon Wright
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox