$can_perhaps_read = -r "file"; # use the mode bits { use filetest 'access'; # intuit harder $can_really_read = -r "file"; } $can_perhaps_read = -r "file"; # use the mode bits again
This lexically scoped pragma tells the compiler to change the behavior of the unary file test operators -r, -w, -x, -R, -W, and -X, documented in Chapter 3, "Unary and Binary Operators". The default behavior for these file tests is to use the mode bits returned by the stat family of calls. However, this may not always be the right thing to do, such as when a filesystem understands ACLs (access control lists). In environments such as AFS where this matters, the use filetest pragma may help the permission operators to return results more consistent with other tools.
There may be a slight performance decrease in the affected file test operators under use filetest, since on some systems the extended functionality needs to be emulated.
Warning: any notion of using file tests for security purposes is a lost cause from the start. There is a window open for race conditions, because there's no way to guarantee that the permissions will not change between the test and the real operation. If you are the least bit serious about security, you won't use file test operators to decide whether something will work. Instead, just go ahead try the real operation, then test for whether that operation succeeded. (You should be doing that anyway.) See the section "Handling Timing Glitches" in Chapter 23, "Security".
Currently only one import, access, is implemented. Calling use filetext 'access' enables the use of access(2) or similar syscalls when performing file tests, and no filetest 'access' similarly disables it. This extended file test functionality is used only when the operator's operand (or, if you prefer, the unary function's argument) is a real filename, not when it is a filehandle.
Copyright © 2001 O'Reilly & Associates. All rights reserved.