Martin v. Löwis wrote:
> In a POSIX world, you need read permission on the directory.
> In Windows, with the "bypass-traversal-check" privilege,
> you only need read permission on the directory if you want
> to list it, not to access a file in the directory. Is it
> actually possible for GetFileAttributes to ever fail for
> security reasons?

After a little experimentation I can confirm:

* R_OK: A process with bypass-traversal-check priv. enabled doesn't need any access to intervening directories in order to get the attributes of a file within them. This means that our existing R_OK result is accurate for any file: if we can get its attributes then you can open the file for reading.

* W_OK: If a user has *only* read permission on a file (regardless of the intervening directories), we'll still return True for a W_OK check, as long as the file doesn't have its read-only bit set. This means that it's possible for os.access to return True for a W_OK check on a file which can't then be opened for, say, appending.

* X_OK: No idea what we should do with this.

In short, no further fiddling with the existing GetFileAttributes solution is likely to achieve anything useful. The way to go would be to use an AccessCheck solution which mirrors the approach used on *nix: we ask the OS to check for r/w/x and return whatever it returns. The exact semantics of that (e.g. on directories) are o/s dependent and you need to refer to the docs for more info.

I hope to make time in the next few days to put forward a patch to implement this in posixmodule.c.

TJG
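
The W_OK mismatch described in the message above can be checked on any path by putting the os.access answer next to a real open-for-append attempt. This is an added example, not part of the original post or of CPython; the helper names probe_append, compare_access and demo are hypothetical, and the sample files are constructed (they exercise the read-only bit and a missing file, not the ACL-only case from the post).

```python
import os
import stat
import tempfile


def probe_append(path):
    """Ask the OS directly: try to open `path` for appending, never creating it.

    Returns (True, None) on success or (False, errno) on failure.
    """
    try:
        fd = os.open(path, os.O_WRONLY | os.O_APPEND)
    except OSError as exc:
        return False, exc.errno
    os.close(fd)
    return True, None


def compare_access(path):
    """Return the advisory os.access(W_OK) answer next to the real open result."""
    advisory = os.access(path, os.W_OK)
    actual, err = probe_append(path)
    return {"path": path, "advisory": advisory, "actual": actual,
            "errno": err, "mismatch": advisory != actual}


def demo():
    """Run the comparison on constructed sample files in a temp directory."""
    results = []
    with tempfile.TemporaryDirectory() as tmp:
        writable = os.path.join(tmp, "writable.txt")
        readonly = os.path.join(tmp, "readonly.txt")
        for p in (writable, readonly):
            with open(p, "w") as fh:
                fh.write("constructed sample\n")
        os.chmod(readonly, stat.S_IREAD)  # sets the read-only bit on Windows
        results.append(compare_access(writable))
        results.append(compare_access(readonly))
        results.append(compare_access(os.path.join(tmp, "missing.txt")))
        os.chmod(readonly, stat.S_IREAD | stat.S_IWRITE)  # allow cleanup
    return results


if __name__ == "__main__":
    for row in demo():
        print(row)
```

A row with mismatch set to True is a path where the advisory check and the OS disagree; code that must know whether a write will succeed should rely on the open attempt and its error, not on the earlier check.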