Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Whats even worse: Trying to figure out if the current user/process is allowed to write to a file in a specific path.


Because you shouldn't. Either try and write, and see if it fails, or if need-be ask for an exclusive lock on the file and see if the OS gives it to you. That isn't just permissions either, it actually picks up a lot of potential problems (e.g. device disconnected, lock conflict, et al).


This. Seeing if you can do something before actually doing it falls victim to TOCTOU[0] bugs. Until one actually tries to perform the security-sensitive operation, there's no guaranteeing that you will succeed.

[0]: https://en.wikipedia.org/wiki/Time-of-check_to_time-of-use




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: