develooper Front page | perl.vmsperl | Postings from January 2002

RE: Privileges won't let me "opendir"?

Thread Next
BAZLEY, Sebastian
January 30, 2002 06:06
RE: Privileges won't let me "opendir"?
Message ID:
I've never understood why the vms.c routines bother checking access rights -
why not try the command, and let the standard system checks throw out any
invalid accesses?

There was another problem with DECNET logicals; the access checks did not
properly allow for the such devices. And I think NFS mounts may also have
problems, but I've not checked recently.

Sebastian Bazley <>
The opinions expressed herein are my own, and are not necessarily endorsed
by my employer ...

-----Original Message-----
From: []
Sent: 29 January 2002 21:47
To: Tom Edelson
Subject: Re: Privileges won't let me "opendir"?

Yes there seems may be a bug in interpreting non SS$_NORMAL returns
from vms.c:cando_by_name() that I have seen in perl 5.005_02 as well
(my test case was not a PRIV problem though).

It might be worthwhile considering some ACL tests in (or were we
supposed to get rid of that procedure?).

Peter Prymmer


                      Tom Edelson

                      <Tom.Edelson@sas         To:      "''"
                      .com>                    cc:


                      01/29/2002 04:05         Subject: Privileges won't let
me "opendir"?                               



The following seems like a bug to me, but maybe I'm missing something ...

The built-in "opendir" function doesn't seem to follow normal VMS security
rules.  In particular, if I have access to a directory, but only because I
have privileges turned on, I think opendir should succeed, but it doesn't.

  $ perl -v

  This is perl, v5.6.1 built for VMS_AXP

With no access in the directory's security profile, and no privileges,
naturally I can't read the directory through DCL and opendir doesn't work



  TEMP.DIR;1           [SYSTEM]                         (RWE,RWE,RE,)
  Total of 1 file.


  $ DIR [.TEMP]
*;* as input
  -RMS-E-PRV, insufficient privilege or file protection violation

  $ perl -e "print ""<"", opendir ($dh, ""[.temp]""), "">"" "

If I give myself BYPASS privilege, now I can read the directory through
DCL, but opendir still doesn't work:


  $ DIR [.TEMP]



  Total of 1 file.

  $ perl -e "print ""<"", opendir ($dh, ""[.temp]""), "">"" "

Now if I change the protection on the directory so that the world can read
it, then opendir does work:


  $ perl -e "print ""<"", opendir ($dh, ""[.temp]""), "">"" "

This is not good news when you're writing an installation program, whose
users generally have privileges, and may have some of the accesses that
they need only through privileges.

I suppose I could work around it by explicitly [and temporarily] giving
myself access to the directory from within the program.  Anybody happen to
know if there's a way to do this other than invoking DCL from Perl, e.g.
with "system()"?


/            Tom Edelson
             VMS Release Engineering
             SAS Institute, Inc.

This email is confidential and intended solely for the use of the 
individual to whom it is addressed. Any views or opinions presented are 
solely those of the author and do not necessarily represent those of 
If you are not the intended recipient, be advised that you have received this
email in error and that any use, dissemination, forwarding, printing, or 
copying of this email is strictly prohibited.

If you have received this email in error please notify the SchlumbergerSema Helpdesk by telephone on +44 (0) 121 627 5600.

Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About