Subject: Friendlier EPERM.
Date: Tuesday 8th January 2013 17:57:53 UTC (over 4 years ago)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Traditionally, if a process attempts a forbidden operation, errno for that thread is set to EACCES or EPERM, and a call to strerror() returns a localized version of "Permission Denied" or "Operation not permitted". This string appears throughout textual uis and syslogs. For example, it will show up in command-line tools, in exceptions within scripting languages, etc. There are an increasing number of ways in which you can fail to have permission to do something: classic POSIX discretionary access controls Linux security modules (e.g. SELinux mandatory access controls) capabilities seccomp denials ... As we continue to add mechanisms for the Kernel to deny permissions, the Administrator/User is faced with just a message that says "Permission Denied" Then if the administrator is lucky enough or skilled enough to know where to look, he might be able to understand why the process was denied access. In Fedora we had an idea about making it possible for strerror() to contain richer information about permissions failures. See: https://fedoraproject.org/wiki/Features/FriendlyEPERM We would like to open up discussion about this with the glibc developers to see what they think of the idea before opening it up to a larger community. How does this sound from a glibc perspective? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlDsXiEACgkQrlYvE4MpobPvMACePXz74Xl8mzCPHUdu7izTqVZi pwQAn2XoAHjosU/LuqTqkkcPhTCo8QIw =1FBv -----END PGP SIGNATURE-----