On Fri, Jan 09, 2004 at 06:02:07PM +0900, Ian Macdonald wrote: > Hello, > > As a system administrator, it's nice to be able to check for world > readable and writable files without having to File.stat the file and > check the mode for the relevant bits. Whilst that's easy enough to do, > the resulting code is too ugly for an elegant language like Ruby, IMHO. > > The attached patch implements the File.readable_world? and > File.writable_world? methods. Please consider its inclusion in Ruby. The > diff is against the latest 1.8.1 snapshot. I see two problems with this: (1) There is no such thing as "readable world" in the permissions of Unix; the closest I can think of is the combination of user, group and other permissions. Note that these are grabbed in order; the user that own it CAN NOT read a file with permissions -wxrwxrwx. Using permissions rwx---rwx is a trick that sometimes is used to make sure that a particular group cannot get at data. This is resolvable by renaming to readable_other? (which is the correct Unix terminology - see http://www.opengroup.org/onlinepubs/7908799/xbd/glossary.html#tag_004_000_107 for details). However, introduce another problem: (2) If renamed to readable_other?, this is tied very closely to the ancient Unix permissions systems. This isn't even correct for new Unixes (ACLs are available), and definately not correct for Windows et al. Thinking a bit more about it while writing this, I wonder if the right thing to do wouldn't be to extend the API with four calls instead of two: readable_world? - check for (perm & (S_IRUSR|S_IRGRP|S_IROTH)) == (S_IRUSR|S_IRGRP|S_IROTH) (that's the same as) (perm & 0444) == 0444 readable_other? - check for (perm & S_IROTH) == S_IROTH (that's the same as) (perm & 0004) == 0004 writable_world? and writeable_other? do the same for the write flags. Introducing both of them has a couple of advantages: - It make it obvious to people that there is a difference - It provide at one call with semantics that can be used on different permission systems - It provide the functionality requested (which I agree would be nice to have - I'd be annoyed if I discovered it was missing.) Eivind.