path: root/upstream/debian-unstable/man3/filetest.3perl

.\" -*- mode: troff; coding: utf-8 -*-
.\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.nr rF 0
.if \n(.g .if rF .nr rF 1
.if (\n(rF:(\n(.g==0)) \{\
.    if \nF \{\
.        de IX
.        tm Index:\\$1\t\\n%\t"\\$2"
..
.        if !\nF==2 \{\
.            nr % 0
.            nr F 2
.        \}
.    \}
.\}
.rr rF
.\" ========================================================================
.\"
.IX Title "filetest 3perl"
.TH filetest 3perl 2024-01-12 "perl v5.38.2" "Perl Programmers Reference Guide"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH NAME
filetest \- Perl pragma to control the filetest permission operators
.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 6
\&    $can_perhaps_read = \-r "file";      # use the mode bits
\&    {
\&        use filetest \*(Aqaccess\*(Aq;          # intuit harder
\&        $can_really_read = \-r "file";
\&    }
\&    $can_perhaps_read = \-r "file";      # use the mode bits again
.Ve
.SH DESCRIPTION
.IX Header "DESCRIPTION"
This pragma tells the compiler to change the behaviour of the filetest
permission operators, \f(CW\*(C`\-r\*(C'\fR \f(CW\*(C`\-w\*(C'\fR \f(CW\*(C`\-x\*(C'\fR \f(CW\*(C`\-R\*(C'\fR \f(CW\*(C`\-W\*(C'\fR \f(CW\*(C`\-X\*(C'\fR
(see perlfunc).
.PP
The default behaviour of file test operators is to use the simple
mode bits as returned by the \fBstat()\fR family of system calls.  However,
many operating systems have additional features to define more complex
access rights, for example ACLs (Access Control Lists).
For such environments, \f(CW\*(C`use filetest\*(C'\fR may help the permission
operators to return results more consistent with other tools.
.PP
The \f(CW\*(C`use filetest\*(C'\fR or \f(CW\*(C`no filetest\*(C'\fR statements affect file tests defined in
their block, up to the end of the closest enclosing block (they are lexically
block-scoped).
.PP
Currently, only the \f(CW\*(C`access\*(C'\fR sub-pragma is implemented.  It enables (or
disables) the use of \fBaccess()\fR when available, that is, on most UNIX systems and
other POSIX environments.  See details below.
.SS "Consider this carefully"
.IX Subsection "Consider this carefully"
The \fBstat()\fR mode bits are probably right for most of the files and
directories found on your system, because few people want to use the
additional features offered by \fBaccess()\fR. But you may encounter surprises
if your program runs on a system that uses ACLs, since the \fBstat()\fR
information won't reflect the actual permissions.
.PP
There may be a slight performance decrease in the filetest operations
when the filetest pragma is in effect, because checking bits is very
cheap.
.PP
Also, note that using the file tests for security purposes is a lost cause
from the start: there is a window open for race conditions (who is to
say that the permissions will not change between the test and the real
operation?).  Therefore if you are serious about security, just try
the real operation and test for its success \- think in terms of atomic
operations.  Filetests are more useful for filesystem administrative
tasks, when you have no need for the content of the elements on disk.
.SS "The ""access"" sub-pragma"
.IX Subsection "The ""access"" sub-pragma"
UNIX and POSIX systems provide an abstract \fBaccess()\fR operating system call,
which should be used to query the read, write, and execute rights. This
function hides various distinct approaches in additional operating system
specific security features, like Access Control Lists (ACLs)
.PP
The extended filetest functionality is used by Perl only when the argument
of the operators is a filename, not when it is a filehandle.
.ie n .SS "Limitation with regard to ""_"""
.el .SS "Limitation with regard to \f(CW_\fP"
.IX Subsection "Limitation with regard to _"
Because \fBaccess()\fR does not invoke \fBstat()\fR (at least not in a way visible
to Perl), \fBthe stat result cache "_" is not set\fR.  This means that the
outcome of the following two tests is different.  The first has the stat
bits of \fI/etc/passwd\fR in \f(CW\*(C`_\*(C'\fR, and in the second case this still
contains the bits of \f(CW\*(C`/etc\*(C'\fR.
.PP
.Vb 4
\& { \-d \*(Aq/etc\*(Aq;
\&   \-w \*(Aq/etc/passwd\*(Aq;
\&   print \-f _ ? \*(AqYes\*(Aq : \*(AqNo\*(Aq;   # Yes
\& }
\&
\& { use filetest \*(Aqaccess\*(Aq;
\&   \-d \*(Aq/etc\*(Aq;
\&   \-w \*(Aq/etc/passwd\*(Aq;
\&   print \-f _ ? \*(AqYes\*(Aq : \*(AqNo\*(Aq;   # No
\& }
.Ve
.PP
Of course, unless your OS does not implement \fBaccess()\fR, in which case the
pragma is simply ignored.  Best not to use \f(CW\*(C`_\*(C'\fR at all in a file where
the filetest pragma is active!
.PP
As a side effect, as \f(CW\*(C`_\*(C'\fR doesn't work, stacked filetest operators
(\f(CW\*(C`\-f \-w $file\*(C'\fR) won't work either.
.PP
This limitation might be removed in a future version of perl.