On Fri May 13 11:11:01 2016, BBYRD wrote:
Show quoted text> For directories with ACLs on them, a simple -r check won't work. We
> have a directory that fails a -r check, but is actually readable, due
> to ACLs.
Just because I care - Windows, Linux or Unix? If Unix, which one?
Show quoted text> This is actually a common problem of ours with a few
> different modules. The perldoc -X page talks about it.
Not very explicitely - but ok, noticed :)
Show quoted text> You could add a "use filetest 'access'" line to fix that. Although,
> the most reliable method is to just open/opendir the file/directory
> and see if it works. If it doesn't, the standard error message will
> spit out a good enough reason, including permission problems.
I understand that you're usecase is covered by that approach.
Few (maybe insane) thoughts speak against that quick shot:
1) performance tradeoff
The changed implementation will take longer for any check it does, depending how the module is used, this can significantly slow down startups of tools used in batch processing
2) security tradeoff
The changed implementation might trigger IDS because of access attempts
3) behavioral change
The changed implementation might unexpectedly deliver different results (given, current users rely on this - even if wrong - behavior)
It sounds as a better approch to me allowing new test methods being externally provided (plugin, role, ...) and specified on load or on instantiation.
This might need more discussion. Can you please ask for comments on cpan-workers@ regarding this topic?
Cheers,
Sno
