Re: if file exist

Re: if file exist

[Preben Randhol]

On Sat, 21 Sep 2002 21:10:34 -0400, Dominic D'Apice wrote:
> This is a multi-part message in MIME format.


If you are going to poste questions on news then turn off HTML etc and
post text only!


> 
> ------=_NextPart_000_0001_01C261B3.5397E920
> Content-Type: text/plain;
> 	charset="us-ascii"
> Content-Transfer-Encoding: 7bit
> 
> Hello all,
>  
> How can i know if a text file exist ?
>  
> I mean : 
>  
> Procedure IF_FILE_EXIST is
> Begin
> .
> end IF_FILE_EXIST;
>  
>  
> thank in advance
> Dominic
> 
> ------=_NextPart_000_0001_01C261B3.5397E920
> Content-Type: text/html;
> 	charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
> 
><html xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
> xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
> xmlns=3D"http://www.w3.org/TR/REC-html40">
> 
><head>
><META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
> charset=3Dus-ascii">
> 
> 
><meta name=3DProgId content=3DWord.Document>
><meta name=3DGenerator content=3D"Microsoft Word 10">
><meta name=3DOriginator content=3D"Microsoft Word 10">
><link rel=3DFile-List href=3D"cid:filelist.xml@01C261B3.52C81600">
><!--[if gte mso 9]><xml>
> <o:OfficeDocumentSettings>
>  <o:DoNotRelyOnCSS/>
> </o:OfficeDocumentSettings>
></xml><![endif]--><!--[if gte mso 9]><xml>
> <w:WordDocument>
>  <w:GrammarState>Clean</w:GrammarState>
>  <w:DocumentKind>DocumentEmail</w:DocumentKind>
>  <w:HyphenationZone>21</w:HyphenationZone>
>  <w:EnvelopeVis/>
>  <w:Compatibility>
>    <w:BreakWrappedTables/>
>    <w:SnapToGridInCell/>
>    <w:WrapTextWithPunct/>
>    <w:UseAsianBreakRules/>
>  </w:Compatibility>
>  <w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
> </w:WordDocument>
></xml><![endif]-->
><style>
><!--
>  /* Style Definitions */
>  p.MsoNormal, li.MsoNormal, div.MsoNormal
> 	{mso-style-parent:"";
> 	margin:0cm;
> 	margin-bottom:.0001pt;
> 	mso-pagination:widow-orphan;
> 	font-size:12.0pt;
> 	font-family:"Times New Roman";
> 	mso-fareast-font-family:"Times New Roman";}
> a:link, span.MsoHyperlink
> 	{color:blue;
> 	text-decoration:underline;
> 	text-underline:single;}
> a:visited, span.MsoHyperlinkFollowed
> 	{color:purple;
> 	text-decoration:underline;
> 	text-underline:single;}
> span.EmailStyle17
> 	{mso-style-type:personal-compose;
> 	mso-style-noshow:yes;
> 	mso-ansi-font-size:10.0pt;
> 	mso-bidi-font-size:10.0pt;
> 	font-family:Arial;
> 	mso-ascii-font-family:Arial;
> 	mso-hansi-font-family:Arial;
> 	mso-bidi-font-family:Arial;
> 	color:windowtext;}
> span.GramE
> 	{mso-style-name:"";
> 	mso-gram-e:yes;}
> @page Section1
> 	{size:612.0pt 792.0pt;
> 	margin:72.0pt 90.0pt 72.0pt 90.0pt;
> 	mso-header-margin:35.4pt;
> 	mso-footer-margin:35.4pt;
> 	mso-paper-source:0;}
> div.Section1
> 	{page:Section1;}
> -->
></style>
><!--[if gte mso 10]>
><style>
>  /* Style Definitions */=20
>  table.MsoNormalTable
> 	{mso-style-name:"Table Normal";
> 	mso-tstyle-rowband-size:0;
> 	mso-tstyle-colband-size:0;
> 	mso-style-noshow:yes;
> 	mso-style-parent:"";
> 	mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
> 	mso-para-margin:0cm;
> 	mso-para-margin-bottom:.0001pt;
> 	mso-pagination:widow-orphan;
> 	font-size:10.0pt;
> 	font-family:"Times New Roman";}
></style>
><![endif]-->
></head>
> 
><body lang=3DFR-CA link=3Dblue vlink=3Dpurple =
> style=3D'tab-interval:35.4pt'>
> 
><div class=3DSection1>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span =
> style=3D'font-size:10.0pt;
> font-family:Arial'>Hello all,<o:p></o:p></span></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span =
> style=3D'font-size:10.0pt;
> font-family:Arial'><o:p>&nbsp;</o:p></span></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'>How can i know if a =
> text file
><span class=3DGramE>exist ?</span><o:p></o:p></span></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'><o:p>&nbsp;</o:p></span=
>></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'>I <span =
> class=3DGramE>mean :</span>
><o:p></o:p></span></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'><o:p>&nbsp;</o:p></span=
>></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'>Procedure =
> IF_FILE_EXIST is<o:p></o:p></span></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'>Begin<o:p></o:p></span>=
></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'>&#8230;<o:p></o:p></spa=
> n></font></p>
> 
><p class=3DMsoNormal><span class=3DGramE><font size=3D2 =
> face=3DArial><span lang=3DEN-CA
> style=3D'font-size:10.0pt;font-family:Arial;mso-ansi-language:EN-CA'>end<=
> /span></font></span><font
> size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:10.0pt;font-family:Arial;
> mso-ansi-language:EN-CA'> IF_FILE_EXIST;<o:p></o:p></span></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'><o:p>&nbsp;</o:p></span=
>></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'><o:p>&nbsp;</o:p></span=
>></font></p>
> 
><p class=3DMsoNormal><span class=3DGramE><font size=3D2 =
> face=3DArial><span lang=3DEN-CA
> style=3D'font-size:10.0pt;font-family:Arial;mso-ansi-language:EN-CA'>than=
> k</span></font></span><font
> size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:10.0pt;font-family:Arial;
> mso-ansi-language:EN-CA'> in advance<o:p></o:p></span></font></p>
> 
><p class=3DMsoNormal><font size=3D2 face=3DArial><span lang=3DEN-CA =
> style=3D'font-size:
> 10.0pt;font-family:Arial;mso-ansi-language:EN-CA'>Dominic<o:p></o:p></spa=
> n></font></p>
> 
></div>
> 
></body>
> 
></html>
> 
> ------=_NextPart_000_0001_01C261B3.5397E920--
> 

Re: if file exist

[Dale Stanbrough]

In article <mailman.1032687678.1150.comp.lang.ada@ada.eu.org>,
 "Dominic D'Apice" <dapiced@sympatico.ca> wrote:

> Hello all,
>  
> How can i know if a text file exist ?
>  
> I mean : 
>  
> Procedure IF_FILE_EXIST is
> Begin
> .
> end IF_FILE_EXIST;


Ask the operating system? Another way is to attempt to open
the file. If it opens successfully then it exists.

BTW you may have a problem as after
you get the answer the file may have been created/no longer exist.
This will of course depend on your environment.


Dale

Re: if file exist

[Per Sandbergs]

Well if you are using a modern GNAT you may use
    function Is_Regular_File
        in package GNAT.Os_Lib

/Per Sandberg

"Dominic D'Apice" <dapiced@sympatico.ca> wrote in message
news:mailman.1032687678.1150.comp.lang.ada@ada.eu.org...
Hello all,

How can i know if a text file exist ?

I mean :

Procedure IF_FILE_EXIST is
Begin
.
end IF_FILE_EXIST;


thank in advance
Dominic

Re: if file exist

[Simon Wright]

Dale Stanbrough <dale@cs.rmit.edu.au> writes:

> Ask the operating system? Another way is to attempt to open
> the file. If it opens successfully then it exists.

and is readable (assuning you tried to open it for read!). It might
exist and not be readable, in which case this test would fail.

Re: if file exist

[Frank J. Lhota]

"Simon Wright" <simon@pushface.org> wrote in message
news:x7vd6r6rskf.fsf@pushface.org...
> Dale Stanbrough <dale@cs.rmit.edu.au> writes:
>
> > Ask the operating system? Another way is to attempt to open
> > the file. If it opens successfully then it exists.
>
> and is readable (assuning you tried to open it for read!). It might
> exist and not be readable, in which case this test would fail.

Absolutely true. There is a proposal for a directory I/O package for
inclusion in Ada 0x, and that would be the ideal solution.

Re: if file exist

[Keith Thompson]

Simon Wright <simon@pushface.org> writes:
> Dale Stanbrough <dale@cs.rmit.edu.au> writes:
> > Ask the operating system? Another way is to attempt to open
> > the file. If it opens successfully then it exists.
> 
> and is readable (assuning you tried to open it for read!). It might
> exist and not be readable, in which case this test would fail.

Or, even if the file exists and is readable, the open might fail for
any number of reasons depending on the OS.  For example, in an OS that
distinguishes between binary and text files, using Text_IO.Open on a
binary file might fail.  (Then again, in such an OS, knowing whether a
file exists might not be all that useful.)

-- 
Keith Thompson (The_Other_Keith) kst@cts.com  <http://www.ghoti.net/~kst>
San Diego Supercomputer Center           <*>  <http://www.sdsc.edu/~kst>
Schroedinger does Shakespeare: "To be *and* not to be"

Re: if file exist

[Keith Thompson]

Preben Randhol <randhol+abuse@pvv.org> writes:
> On Sat, 21 Sep 2002 21:10:34 -0400, Dominic D'Apice wrote:
> > This is a multi-part message in MIME format.
> 
> If you are going to poste questions on news then turn off HTML etc and
> post text only!
[...]

If you're going to complain about someone posting HTML, please don't
quote the whole thing.

-- 
Keith Thompson (The_Other_Keith) kst@cts.com  <http://www.ghoti.net/~kst>
San Diego Supercomputer Center           <*>  <http://www.sdsc.edu/~kst>
Schroedinger does Shakespeare: "To be *and* not to be"

Re: if file exist

[Dale Stanbrough]

Simon Wright wrote:

> and is readable (assuning you tried to open it for read!). It might
> exist and not be readable, in which case this test would fail.

No, my test will succeed in that -if- it exists, and -if- it 
opens successfully, then it does exist.
I said nothing about other conditions.

Dale

Re: if file exist

[SteveD]

>"Dominic D'Apice" <dapiced@sympatico.ca> wrote in message
>news:mailman.1032687678.1150.comp.lang.ada@ada.eu.org...
>Hello all,
>
>How can i know if a text file exist ?
>
>I mean :
>
>Procedure IF_FILE_EXIST is
>Begin
>.
>end IF_FILE_EXIST;
>

How about something along the lines of:

Pseudo code:

  Procedure IF_FILE_EXIST is
  begin
     open the existing file
     close the file
     return true;
  exception
     when the exception occurs that is associated with a file not present =>
       return false;
  end IF_FILE_EXIST;

I hope this helps (I hope it works too!)

SteveD

>thank in advance
>Dominic

if_file_exist : it's working thankyou all!

[Dominic D'Apice]

Well, it's working good !

-- verifie si un fichier existe
 procedure si_fic_existe     (fichier      : out  ada.text_io.file_type
;
                              mod_fic_ecr  : in   ada.text_io.file_mode
;	 			      nom_fic      : in   string
) is
	begin
	
	ada.text_io.open (fichier,mod_fic_lec,nom_fic);
	ada.text_io.close(fichier);   
	raise sortir_program_principal;		
      exception when ada.text_io.name_error => 	null;

 end si_fic_existe;

-----Original Message-----
From: comp.lang.ada-admin@ada.eu.org
[mailto:comp.lang.ada-admin@ada.eu.org] On Behalf Of SteveD
Sent: 22 septembre, 2002 18:29
To: comp.lang.ada@ada.eu.org
Subject: Re: if file exist

>"Dominic D'Apice" <dapiced@sympatico.ca> wrote in message
>news:mailman.1032687678.1150.comp.lang.ada@ada.eu.org...
>Hello all,
>
>How can i know if a text file exist ?
>
>I mean :
>
>Procedure IF_FILE_EXIST is
>Begin
>.
>end IF_FILE_EXIST;
>

How about something along the lines of:

Pseudo code:

  Procedure IF_FILE_EXIST is
  begin
     open the existing file
     close the file
     return true;
  exception
     when the exception occurs that is associated with a file not
present =>
       return false;
  end IF_FILE_EXIST;

I hope this helps (I hope it works too!)

SteveD

>thank in advance
>Dominic


_______________________________________________
comp.lang.ada mailing list
comp.lang.ada@ada.eu.org
http://ada.eu.org/mailman/listinfo/comp.lang.ada

Re: if file exist

[Simon Wright]

Dale Stanbrough <dale@cs.rmit.edu.au> writes:

> Simon Wright wrote:
> 
> > and is readable (assuning you tried to open it for read!). It might
> > exist and not be readable, in which case this test would fail.
> 
> No, my test will succeed in that -if- it exists, and -if- it 
> opens successfully, then it does exist.
> I said nothing about other conditions.

No, but you introduced the feature that the file must be readable;
which was not in the original poster's requirements.

Re: if_file_exist : it's working thankyou all!

[Simon Wright]

"Dominic D'Apice" <dapiced@sympatico.ca> writes:

> Well, it's working good !
> 
> -- verifie si un fichier existe
>  procedure si_fic_existe     (fichier      : out  ada.text_io.file_type
> ;
>                               mod_fic_ecr  : in   ada.text_io.file_mode
> ;	 			      nom_fic      : in   string
> ) is
> 	begin
> 	
> 	ada.text_io.open (fichier,mod_fic_lec,nom_fic);
> 	ada.text_io.close(fichier);   
> 	raise sortir_program_principal;		
>       exception when ada.text_io.name_error => 	null;
> 
>  end si_fic_existe;

Why are you passing fichier in, since you exit with it closed (the
file didn't exist) or indeterminate (if it did)? Do you think a local
variable would be more appropriate?

By the way, if you check the ARM in Annex A (A.13) you will find

  The exception Name_Error is propagated by a call of Create or Open
  if the string given for the parameter Name does not allow the
  identification of an external file. For example, this exception is
  propagated if the string is improper, or, alternatively, if either
  none or more than one external file corresponds to the string.

Re: if file exist

[Larry Kilgallen]

In article <x7vy99twam9.fsf@pushface.org>, Simon Wright <simon@pushface.org> writes:
> Dale Stanbrough <dale@cs.rmit.edu.au> writes:
> 
>> Simon Wright wrote:
>> 
>> > and is readable (assuning you tried to open it for read!). It might
>> > exist and not be readable, in which case this test would fail.
>> 
>> No, my test will succeed in that -if- it exists, and -if- it 
>> opens successfully, then it does exist.
>> I said nothing about other conditions.
> 
> No, but you introduced the feature that the file must be readable;
> which was not in the original poster's requirements.

On some operating systems the existence of a file for which the user
lacks read permission cannot be detected.  A general solution for
detecting unreadable files is not possible.

RE: if_file_exist : it's working thankyou all!

[Dominic D'Apice]

The thing is i would like to verify if the file exist ;

1- try to open the file

	if file not there then it goes to exception (AT THE END OF THE
PROCEUDRE  and it do nothing (null;)  	=> that what I want

BUT

2-If file there then

Close it AND RAISE THE REAL EXEPTION (LOCATED IN MAIN PROGRAM, MEANS
THAT THE FILE EXIT...



Well, may I don't understand , what you tell..
Dominic





-----Original Message-----
From: comp.lang.ada-admin@ada.eu.org
[mailto:comp.lang.ada-admin@ada.eu.org] On Behalf Of Simon Wright
Sent: 23 septembre, 2002 01:26
To: comp.lang.ada@ada.eu.org
Subject: Re: if_file_exist : it's working thankyou all!

"Dominic D'Apice" <dapiced@sympatico.ca> writes:

> Well, it's working good !
> 
> -- verifie si un fichier existe
>  procedure si_fic_existe     (fichier      : out
ada.text_io.file_type
> ;
>                               mod_fic_ecr  : in
ada.text_io.file_mode
> ;	 			      nom_fic      : in   string
> ) is
> 	begin
> 	
> 	ada.text_io.open (fichier,mod_fic_lec,nom_fic);
> 	ada.text_io.close(fichier);   
> 	raise sortir_program_principal;		
>       exception when ada.text_io.name_error => 	null;
> 
>  end si_fic_existe;

Why are you passing fichier in, since you exit with it closed (the
file didn't exist) or indeterminate (if it did)? Do you think a local
variable would be more appropriate?

By the way, if you check the ARM in Annex A (A.13) you will find

  The exception Name_Error is propagated by a call of Create or Open
  if the string given for the parameter Name does not allow the
  identification of an external file. For example, this exception is
  propagated if the string is improper, or, alternatively, if either
  none or more than one external file corresponds to the string.
_______________________________________________
comp.lang.ada mailing list
comp.lang.ada@ada.eu.org
http://ada.eu.org/mailman/listinfo/comp.lang.ada

Re: if_file_exist : it's working thankyou all!

[Simon Wright]

"Dominic D'Apice" <dapiced@sympatico.ca> writes:

Dominic,

I would find it much easier to try to help you if you would put your
comments _after_ the part of my message that you are responding to. As
I have done in this article.

Indeed, I had to read to the end before I found out it was my article
you were replying to. So you nearly didn't get a reply at all (of
course, you may not care!)

> The thing is i would like to verify if the file exist ;
> 
> 1- try to open the file
> 
> 	if file not there then it goes to exception (AT THE END OF THE
> PROCEUDRE  and it do nothing (null;)  	=> that what I want
> 
> BUT
> 
> 2-If file there then
> 
> Close it AND RAISE THE REAL EXEPTION (LOCATED IN MAIN PROGRAM, MEANS
> THAT THE FILE EXIT...

I understood that ..

> Well, may I don't understand , what you tell..

This is your code (slightly reformatted):

   procedure si_fic_existe (fichier : out ada.text_io.file_type;
                            mod_fic_ecr : in ada.text_io.file_mode;
                            nom_fic : in string) is
   begin
      ada.text_io.open (fichier,mod_fic_lec,nom_fic);
      ada.text_io.close (fichier);   
      raise sortir_program_principal;		
   exception
      when ada.text_io.name_error => null;
   end si_fic_existe;

and I'm suggesting that this would be even more useful:

   procedure si_fic_existe (nom_fic : in String;
                            mod_fic_ecr : in ada.text_io.file_mode) is
      fichier : ada.text_io.file_type;
   begin
      ada.text_io.open (fichier, mod_fic_lec, nom_fic);
      ada.text_io.close (fichier);
      raise sortir_program_principal;
   exception
      when ada.text_io.name_error => null;
   end si_fic_existe;

because you aren't asking your caller to supply a variable (fichier)
which is of no use to him after your procedure has returned.

-S

Re: if file exist

[Nick Roberts]

On 23 Sep 2002 06:38:22 -0600, Kilgallen@SpamCop.net (Larry Kilgallen)
strongly typed:

>On some operating systems the existence of a file for which the user
>lacks read permission cannot be detected.  A general solution for
>detecting unreadable files is not possible.

In addition, if you were to do, e.g. on MS-DOS:

   Open(F1,In_File,"COM1:");

You could get failure for a variety of reasons nothing to do with the
existence, non-existence, or readability of files.

In particular, it is quite possible that a file existence detector may say
"COM1:" does not exist (as a file, or as a readable file, or as a readable
text file), yet the above statement may succeed (and be useful).

In full generality, it is not possible for a program to detect the
existence of files for the purposes of determining whether it can
subsequently open them for a particular purpose. On any multi-processing
system, for example, the file could be deleted in between the detection and
the opening.

As far as the Ada program is concerned, the file name "foo" might mean:
hack into the CIA central computer in CIACHQ Langley VA*; select a file at
random with "foo" somewhere in the name; decrypt it using Blowfish and the
key "Oojalum123"; reverse the order of the byte contents; send an e-mail to
Tom Cruise, telling him what a handsome guy he is; insert the names of
known KGB agents into the byte stream at 4KB intervals. The OS can
interpret names how it likes.

In general, I recommend that Ada code simply handles the Name_Error
exception appropriately.

[* properly, now named the George Bush Center for Intelligence]

-- 
Nick Roberts
Per Ardua ad Disastra

Re: if file exist

[Warren W. Gay VE3WWG]

Nick Roberts wrote:
> On 23 Sep 2002 06:38:22 -0600, Kilgallen@SpamCop.net (Larry Kilgallen)
> strongly typed:
> 
>>On some operating systems the existence of a file for which the user
>>lacks read permission cannot be detected.  A general solution for
>>detecting unreadable files is not possible.

On most file systems, when you don't have the permission(s)
to read the _directory_, you cannot determine if the file
exists or not (within that directory). This is because
the directory itself is unreadable by you, and intentially
so! So this is another example of how a general solution
is not possible, and this applies to _most_ O/S in use,
where security at the directory level is possible.

-- 
Warren W. Gay VE3WWG
http://home.cogeco.ca/~ve3wwg

Re: if file exist

[Robert A Duff]

"Warren W. Gay VE3WWG" <ve3wwg@cogeco.ca> writes:

> Nick Roberts wrote:
> > On 23 Sep 2002 06:38:22 -0600, Kilgallen@SpamCop.net (Larry Kilgallen)
> > strongly typed:
> >
> >>On some operating systems the existence of a file for which the user
> >>lacks read permission cannot be detected.  A general solution for
> >>detecting unreadable files is not possible.
> 
> On most file systems, when you don't have the permission(s)
> to read the _directory_, you cannot determine if the file
> exists or not (within that directory). This is because
> the directory itself is unreadable by you, and intentially
> so! So this is another example of how a general solution
> is not possible, and this applies to _most_ O/S in use,
> where security at the directory level is possible.

I don't agree that "a general solution is not possible".
A File_Exists return Boolean function makes perfect sense.
Of course it returns False if the file is invisible to the 
current process (because it "exists" in an inaccessible directory).
To *this* process, that file does not exist.

- Bob

Re: if file exist

[steve_H]

Robert A Duff <bobduff@shell01.TheWorld.com> wrote in message news:<wccadm41jqs.fsf@shell01.TheWorld.com>...
 
> I don't agree that "a general solution is not possible".
> A File_Exists return Boolean function makes perfect sense.
> Of course it returns False if the file is invisible to the 
> current process (because it "exists" in an inaccessible directory).
> To *this* process, that file does not exist.
 
But the above is not logical. If your function return FALSE, then one
does not know if this means the file actually does not exist, or that 
the function was not able to determine if it exist or not becuase of 
permission issues.  The user might want to know this.

You have overloaded the boolean result of FALSE to mean more than one thing.

Why not have simply have a function that returns a status code istead of
TRUE or FALSE? A status code can have more information in it than just a flag.

Re: if file exist

[Robert A Duff]

nma124@hotmail.com (steve_H) writes:

> Robert A Duff <bobduff@shell01.TheWorld.com> wrote in message news:<wccadm41jqs.fsf@shell01.TheWorld.com>...
>  
> > I don't agree that "a general solution is not possible".
> > A File_Exists return Boolean function makes perfect sense.
> > Of course it returns False if the file is invisible to the 
> > current process (because it "exists" in an inaccessible directory).
> > To *this* process, that file does not exist.
>  
> But the above is not logical. If your function return FALSE, then one
> does not know if this means the file actually does not exist, or that 
> the function was not able to determine if it exist or not becuase of 
> permission issues.  The user might want to know this.

Fine, but if you ask whether secret/mumble exists, and "secret" is my
secret directory, it should *not* tell you whether or not the file
exists.

- Bob

Re: if file exist

[Randy Brukardt]

steve_H wrote in message
<8db3d6c8.0209270247.5bf07ae5@posting.google.com>...
>Robert A Duff <bobduff@shell01.TheWorld.com> wrote in message
news:<wccadm41jqs.fsf@shell01.TheWorld.com>...
>
>> I don't agree that "a general solution is not possible".
>> A File_Exists return Boolean function makes perfect sense.
>> Of course it returns False if the file is invisible to the
>> current process (because it "exists" in an inaccessible directory).
>> To *this* process, that file does not exist.
>
>But the above is not logical. If your function return FALSE, then one
>does not know if this means the file actually does not exist, or that
>the function was not able to determine if it exist or not becuase of
>permission issues.  The user might want to know this.


That would be a terrible breach of security. Simply that fact that
something exists can be used as an attack point or a way to transmit
information. To a process that doesn't have permission to a directory,
no information whatsover about the file should be available.

The point is that "If_Exist" is meaningless by itself. Its meaning
depends on permissions and capabilities and probably other stuff that
couldn't practically be standardized.

Of course, if everyone implemented Ada.Directories, you could use that
and figure out whatever interpretation you'd like.

          Randy.

Re: if file exist

[Mark Biggar]

steve_H wrote:
> Robert A Duff <bobduff@shell01.TheWorld.com> wrote in message news:<wccadm41jqs.fsf@shell01.TheWorld.com>... 
>>I don't agree that "a general solution is not possible".
>>A File_Exists return Boolean function makes perfect sense.
>>Of course it returns False if the file is invisible to the 
>>current process (because it "exists" in an inaccessible directory).
>>To *this* process, that file does not exist.
> But the above is not logical. If your function return FALSE, then one
> does not know if this means the file actually does not exist, or that 
> the function was not able to determine if it exist or not becuase of 
> permission issues.  The user might want to know this.

No, from a computer security point of view, this is exactly what is
wanted.  A user should see absolutely no difference between "file does
not exist" and "you don't have permission to see the file".  Otherwise,
you have introduced a covert information channel.

-- 
Mark Biggar
mark.a.biggar@attbi.com

Re: if file exist

[Larry Kilgallen]

In article <3D94D418.5010604@attbi.com>, Mark Biggar <mark.a.biggar@attbi.com> writes:
> steve_H wrote:

>> But the above is not logical. If your function return FALSE, then one
>> does not know if this means the file actually does not exist, or that 
>> the function was not able to determine if it exist or not becuase of 
>> permission issues.  The user might want to know this.
> 
> No, from a computer security point of view, this is exactly what is
> wanted.  A user should see absolutely no difference between "file does
> not exist" and "you don't have permission to see the file".  Otherwise,
> you have introduced a covert information channel.

Beyond security, there are other possibilities like "this file is
shelved and all the unshelving drives are currently busy".  And as
has been mentioned by others, "this file exists but someone else
will delete it between now and when you try to open it" :-)

Re: if file exist

[Keith Thompson]

"Randy Brukardt" <randy@rrsoftware.com> writes:
> steve_H wrote in message
> <8db3d6c8.0209270247.5bf07ae5@posting.google.com>...
> >Robert A Duff <bobduff@shell01.TheWorld.com> wrote in message
> news:<wccadm41jqs.fsf@shell01.TheWorld.com>...
> >
> >> I don't agree that "a general solution is not possible".
> >> A File_Exists return Boolean function makes perfect sense.
> >> Of course it returns False if the file is invisible to the
> >> current process (because it "exists" in an inaccessible directory).
> >> To *this* process, that file does not exist.
> >
> >But the above is not logical. If your function return FALSE, then one
> >does not know if this means the file actually does not exist, or that
> >the function was not able to determine if it exist or not becuase of
> >permission issues.  The user might want to know this.
> 
> That would be a terrible breach of security. Simply that fact that
> something exists can be used as an attack point or a way to transmit
> information. To a process that doesn't have permission to a directory,
> no information whatsover about the file should be available.

I don't think Randy was suggesting that File_Exists should tell you
whether the file exists even if the directory is unreadable.  I think
his point is that a simple Boolean result may not be sufficient.  You
might want at least 3 possible results: file exists; file does not
exist; file may or may not exist but I can't tell you which.

Or you could have a Boolean function that raises an exception if it
can't determine a definitive answer.

The point is, you can't really determine how to answer the question
"Does this file exist?" until you decide what you're going to do with
the answer.

That's probably why the Ada I/O packages don't provide such a
function.  Instead, they let you try to perform an operation on a
file, and handle an exception if the operation fails.

-- 
Keith Thompson (The_Other_Keith) kst@cts.com  <http://www.ghoti.net/~kst>
San Diego Supercomputer Center           <*>  <http://www.sdsc.edu/~kst>
Schroedinger does Shakespeare: "To be *and* not to be"

Re: if file exist

[Marin David Condic]

Q: Are you a spy?

A: I'm not allowed to say...

Maybe its better to think about it from the OS level - provide something in
an OS interface package that says "We'll return whatever information the OS
will give us about the file and it is OS dependent as to what the result
is..." That way whatever security the OS wants to provide is respected.

MDC
--
======================================================================
Marin David Condic
I work for: http://www.belcan.com/
My project is: http://www.jast.mil/

Send Replies To: m c o n d i c @ a c m . o r g

    "I'd trade it all for just a little more"
        --  Charles Montgomery Burns, [4F10]
======================================================================

Keith Thompson <kst@cts.com> wrote in message
news:yec7kh6ud49.fsf@king.cts.com...
> his point is that a simple Boolean result may not be sufficient.  You
> might want at least 3 possible results: file exists; file does not
> exist; file may or may not exist but I can't tell you which.
>

Re: if file exist

[Keith Thompson]

"Marin David Condic" <mcondic.auntie.spam@acm.org> writes:
> Q: Are you a spy?
> 
> A: I'm not allowed to say...
> 
> Maybe its better to think about it from the OS level - provide something in
> an OS interface package that says "We'll return whatever information the OS
> will give us about the file and it is OS dependent as to what the result
> is..." That way whatever security the OS wants to provide is respected.

I don't think we are (or should be) debating whether to respect the
security provided by the OS.  Violating OS security isn't just a bad
idea, it's just plain impossible (barring OS bugs, of course).

-- 
Keith Thompson (The_Other_Keith) kst@cts.com  <http://www.ghoti.net/~kst>
San Diego Supercomputer Center           <*>  <http://www.sdsc.edu/~kst>
Schroedinger does Shakespeare: "To be *and* not to be"

Re: if file exist

[Christopher Browne]

In the last exciting episode, Keith Thompson <kst@cts.com> wrote::
> "Marin David Condic" <mcondic.auntie.spam@acm.org> writes:
>> Q: Are you a spy?
>> 
>> A: I'm not allowed to say...
>> 
>> Maybe its better to think about it from the OS level - provide something in
>> an OS interface package that says "We'll return whatever information the OS
>> will give us about the file and it is OS dependent as to what the result
>> is..." That way whatever security the OS wants to provide is respected.
>
> I don't think we are (or should be) debating whether to respect the
> security provided by the OS.  Violating OS security isn't just a bad
> idea, it's just plain impossible (barring OS bugs, of course).

FYI, here are two /highly/ relevant links to documents concerning
a Multics security evaluation done back in 1974.

http://csrc.nist.gov/publications/history/karg74.pdf
http://domino.watson.ibm.com/library/cyberdig.nsf/papers?SearchView&Query=(multics)

Part of the conclusion was that Multics /wasn't/ acceptably secure,
back then, and that some modifications to the security design would be
required to make it /really/ secure.  The OSes of today have downright
moved backwards from that.

Another part of the conclusion was that part of the security Multics
/did/ have came from the string support in PL/1.  The buffer overruns
that C is famed for wouldn't happen in PL/1, and more than likely
aren't Ada things either...

Some interesting principles pop out, in any case...
-- 
(concatenate 'string "cbbrowne" "@ntlug.org")
http://cbbrowne.com/info/multics.html
I've had a perfectly wonderful evening. But this wasn't it.
-- Groucho Marx

Re: if file exist

[Stefan Skoglund]

Mark Biggar wrote:
> No, from a computer security point of view, this is exactly what is
> wanted.  A user should see absolutely no difference between "file does
> not exist" and "you don't have permission to see the file".  Otherwise,
> you have introduced a covert information channel.

Hrmm, rather flimsy security in that case.
Security-by-obscurity doesn't work.

In that case a simple 'ls filename' on unix
will give a not enough permissions message
'ls `dirname filename`' will tell if we are having
a directory permissions problem.

Re: if file exist

[Robert A Duff]

Stefan Skoglund <stetson@ebox.tninet.se> writes:

> Mark Biggar wrote:
> > No, from a computer security point of view, this is exactly what is
> > wanted.  A user should see absolutely no difference between "file does
> > not exist" and "you don't have permission to see the file".  Otherwise,
> > you have introduced a covert information channel.
> 
> Hrmm, rather flimsy security in that case.
> Security-by-obscurity doesn't work.

Methinks you are misusing the term "security by obscurity", which I
understand to mean security by preventing people from knowing the method
of security.  For example, if you don't give out the source code for
your operating system, so people won't know the password encryption
algorithm, in an attempt to prevent people from breaking that algorithm.
You're right -- that doesn't work very well.  But it has nothing to do
with this case.

> In that case a simple 'ls filename' on unix
> will give a not enough permissions message
> 'ls `dirname filename`' will tell if we are having
> a directory permissions problem.

I'm not sure what the second command is attempting to do, but I'm pretty
sure that on Unix systems, if you have no access to directory "dir"
(i.e., rwx bits all zero), then you can't find out whether a given file
name exists in dir.  E.g., "ls dir/exists" and "ls dir/not-exists" will
both produce the same error message, even though exists exists and
not-exists does not.  Attempting to run a directory as a command will
cause an error, too, so I don't see how the second command causes a
security flaw.  Please explain the 'ls `dirname filename`'.

- Bob

Re: if file exist

[Keith Thompson]

Robert A Duff <bobduff@shell01.TheWorld.com> writes:
[...]
> I'm not sure what the second command is attempting to do, but I'm pretty
> sure that on Unix systems, if you have no access to directory "dir"
> (i.e., rwx bits all zero), then you can't find out whether a given file
> name exists in dir.  E.g., "ls dir/exists" and "ls dir/not-exists" will
> both produce the same error message, even though exists exists and
> not-exists does not.  Attempting to run a directory as a command will
> cause an error, too, so I don't see how the second command causes a
> security flaw.  Please explain the 'ls `dirname filename`'.

I think you missed the backticks and/or the fact that "dirname" is a
Unix command that prints a given filename with the trailing component
removed.  (It's a litle confusing; "dirname" is a literal command
name, and "filename" substitutes for the actual name of some file.)

So the command

    ls `dirname /etc/motd`

expands (well, contracts actually) to

    ls /etc

-- 
Keith Thompson (The_Other_Keith) kst@cts.com  <http://www.ghoti.net/~kst>
San Diego Supercomputer Center           <*>  <http://www.sdsc.edu/~kst>
Schroedinger does Shakespeare: "To be *and* not to be"

Re: if file exist

[Robert A Duff]

Keith Thompson <kst@cts.com> writes:

> Robert A Duff <bobduff@shell01.TheWorld.com> writes:
> [...]
> > I'm not sure what the second command is attempting to do, but I'm pretty
> > sure that on Unix systems, if you have no access to directory "dir"
> > (i.e., rwx bits all zero), then you can't find out whether a given file
> > name exists in dir.  E.g., "ls dir/exists" and "ls dir/not-exists" will
> > both produce the same error message, even though exists exists and
> > not-exists does not.  Attempting to run a directory as a command will
> > cause an error, too, so I don't see how the second command causes a
> > security flaw.  Please explain the 'ls `dirname filename`'.
> 
> I think you missed the backticks and/or the fact that "dirname" is a
> Unix command that prints a given filename with the trailing component
> removed.

I missed the fact that "dirname" was the dirname command.
I thought it meant "the name of some directory".

I still don't see how this introduces a security hole.
The dirname command just works on a string -- it doesn't care whether
the given file and directory names exist.  And 'ls' won't tell you
whether the file exists either.

(The security hole in question is when I have a private directory foo,
can outsiders find out the name(s) of my files in foo.)

- Bob

Re: if file exist

[David Thompson]

Mark Biggar <mark.a.biggar@attbi.com> wrote :
> steve_H wrote:
...
> > But the above is not logical. If your function return FALSE, then one
> > does not know if this means the file actually does not exist, or that
> > the function was not able to determine if it exist or not becuase of
> > permission issues.  The user might want to know this.
>
> No, from a computer security point of view, this is exactly what is
> wanted.  A user should see absolutely no difference between "file does
> not exist" and "you don't have permission to see the file".  Otherwise,
> you have introduced a covert information channel.
>
First this only matters if you want/need nondiscretionary controls.
Second it is OK if the third state is not specifically 'file exists but
you don't have access' but rather 'I won't say if the file exists'* --
as in Multics' most-frequent and perhaps most-annoying error
code/message "Insufficient access to return any information".

* assuming there isn't an observable timing difference either

--
- David.Thompson 1 now at worldnet.att.net

Re: if file exist

[Larry Kilgallen]

In article <g99o9.6469$k_2.489840@bgtnsc05-news.ops.worldnet.att.net>, "David Thompson" <david.thompson1@worldnet.att.net> writes:
> Mark Biggar <mark.a.biggar@attbi.com> wrote :
>> steve_H wrote:
> ...
>> > But the above is not logical. If your function return FALSE, then one
>> > does not know if this means the file actually does not exist, or that
>> > the function was not able to determine if it exist or not becuase of
>> > permission issues.  The user might want to know this.
>>
>> No, from a computer security point of view, this is exactly what is
>> wanted.  A user should see absolutely no difference between "file does
>> not exist" and "you don't have permission to see the file".  Otherwise,
>> you have introduced a covert information channel.
>>
> First this only matters if you want/need nondiscretionary controls.

Non-discretionary controls, known as MAC for Mandatory Access Controls,
are when the direct data owner (e.g., file owner) does not have full
rights to control protection, for instance no right to disclose.

The inability to tell whether an inaccessible file exists is _NOT_
restricted to MAC situations.  Under DAC (Dicretionary Access Controls)
the data owner may very well wish to restrict knowledge of file existence.
Whether the desire for non-disclosure comes from the data owner or some
higher authority has nothing to do with what characteristics are required
in order to avoid disclosing the presence of a file.

Re: if file exist

[David Thompson]

Larry Kilgallen <Kilgallen@SpamCop.net> wrote :
> In article <g99o9.6469$k_2.489840@bgtnsc05-news.ops.worldnet.att.net>, "David
Thompson" <david.thompson1@worldnet.att.net> writes:
> > Mark Biggar <mark.a.biggar@attbi.com> wrote :
...
> >> No, from a computer security point of view, this is exactly what is
> >> wanted.  A user should see absolutely no difference between "file does
> >> not exist" and "you don't have permission to see the file".  Otherwise,
> >> you have introduced a covert information channel.
> >>
> > First this only matters if you want/need nondiscretionary controls.
>
> Non-discretionary controls, known as MAC for Mandatory Access Controls,
> are when the direct data owner (e.g., file owner) does not have full
> rights to control protection, for instance no right to disclose.
>
Yes, and not just the owner, but also other users who are authorized
to read and/or write, if any.

> The inability to tell whether an inaccessible file exists is _NOT_
> restricted to MAC situations.  Under DAC (Dicretionary Access Controls)
> the data owner may very well wish to restrict knowledge of file existence.
> Whether the desire for non-disclosure comes from the data owner or some
> higher authority has nothing to do with what characteristics are required
> in order to avoid disclosing the presence of a file.

But only MAC really needs to be concerned about covert channels,
since a DAC-authorized user is permitted to use open channels.
AFAICT it is rare(r?) in DAC situations to care about disclosing
existence, only contents, but if it is, it is common (and I am
assuming possible) to put the file in a directory which is restricted
against unauthorized probing for member's names and existence.

--
- David.Thompson 1 now at worldnet.att.net