From: Robert A Duff
Newsgroups: comp.lang.ada
Subject: Re: if file exist
Date: Sat, 5 Oct 2002 13:59:56 GMT

Stefan Skoglund writes:

> Mark Biggar wrote:
> > No, from a computer security point of view, this is exactly what is
> > wanted. A user should see absolutely no difference between "file does
> > not exist" and "you don't have permission to see the file". Otherwise,
> > you have introduced a covert information channel.
>
> Hrmm, rather flimsy security in that case.
> Security-by-obscurity doesn't work.

Methinks you are misusing the term "security by obscurity", which I
understand to mean security by preventing people from knowing the method
of security. For example, if you don't give out the source code for your
operating system, so people won't know the password encryption algorithm,
in an attempt to prevent people from breaking that algorithm.
You're right -- that doesn't work very well. But it has nothing to do
with this case.

> In that case a simple 'ls filename' on unix
> will give a not enough permissions message
> 'ls `dirname filename`' will tell if we are having
> a directory permissions problem.

I'm not sure what the second command is attempting to do, but I'm pretty
sure that on Unix systems, if you have no access to directory "dir"
(i.e., rwx bits all zero), then you can't find out whether a given file
name exists in dir. E.g., "ls dir/exists" and "ls dir/not-exists" will
both produce the same error message, even though exists exists and
not-exists does not.

Attempting to run a directory as a command will cause an error, too, so I
don't see how the second command causes a security flaw. Please explain
the 'ls `dirname filename`'.

- Bob
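
The "ls dir/exists" versus "ls dir/not-exists" comparison from the message above, as an added shell demonstration that is not part of the original post. The function names `reason` and `compare_probes` and the temporary paths are constructed for this example; run as an ordinary user, it reports "differ" for a directory with mode 700 and "same" for mode 000.

```shell
#!/bin/sh
# Added demonstration (constructed paths): what does "ls" reveal about a name
# inside a directory, depending on the directory's permission bits?

# Print only the reason part of ls's error message for one path
# (empty output means ls succeeded).
reason() {
    LC_ALL=C ls "$1" 2>&1 >/dev/null | sed 's/.*: //'
}

# compare_probes MODE
# Creates dir/exists, sets dir to MODE, then probes an existing and a
# missing name. Prints "same" if the two errors are identical, else "differ".
compare_probes() {
    base=$(mktemp -d) || return 1
    mkdir "$base/dir"
    : > "$base/dir/exists"          # this file really is there
    chmod "$1" "$base/dir"

    a=$(reason "$base/dir/exists")
    b=$(reason "$base/dir/not-exists")

    chmod 700 "$base/dir"           # restore access so cleanup works
    rm -rf "$base"

    if [ "$a" = "$b" ]; then echo same; else echo differ; fi
}

# Note: root bypasses permission bits, so run this as an ordinary user.
echo "dir mode 700: $(compare_probes 700)"
echo "dir mode 000: $(compare_probes 000)"
```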