
File Restrictions

Arkin Solomon edited this page Feb 7, 2023 · 2 revisions

Restricting the files a user's program can touch is crucial, and understanding how the checks work ensures that you restrict access correctly. The general rule of thumb is to grant as little access as possible. If no access is specified, the user is given no access to the file system at all. Note that access is also bounded by the operating system: if the account running the interpreter cannot access a file, the user cannot either, even if access is explicitly granted. Note also that access does not have to be limited to children of the root; access can be granted across drives. However, when allowing access to external files it is recommended to also provide an environment variable as a base path from which to reach them. The documentation below assumes that the user does not have full access.

Not all operations require both read AND write permissions. Refer to the commands page of the language documentation to see which command requires which permission. A read permission check, for instance, first verifies that the file or directory being operated on, or any of its parents, has been granted read permission. It then verifies that neither the file or directory itself nor any of its parent directories has an explicit read disallowance. Write permissions are checked the same way. Take the following example file system:

@root/
├── directory_1/
│   ├── file_1
│   └── subdir_1/
│       ├── file_1
│       └── file_2
└── directory_2/
    ├── file_1
    └── file_2

Assume that we have an interpreter that allows read and write permissions on / (the root) and disallows read permissions on directory_1. In this case, operations that require read permission on directory_1 or any of its children will fail, while operations on directory_2 or its children that require read permission will succeed. Note that all write operations within any of the root's children will succeed, since write permission was granted on the root itself. This includes deleting the root. It is recommended to prevent this by granting write access to child directories only, never to the root.

If we modify the above example to also allow read permissions on /directory_1/subdir_1, operations on subdir_1 or its children will still fail, since it is within directory_1, which carries an explicit read disallowance that no grant below it can override.

Moving a file requires permissions on both ends. Moving /directory_2/file_2 to /directory_1/file_2, for instance, requires read and write permissions on /directory_2/file_2 and write permission on /directory_1/file_2. In the example above this move succeeds, but the reverse move, from directory_1 into directory_2, fails on the read check for the source. More information can be found in the language documentation.
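The following is an added worked example, not code from this project or its interpreter. It models the two-step check described above (a grant on the path or an ancestor, then no explicit disallowance on the path or any ancestor) for both read and write, and walks the example file system through the root-grant scenario, the hardened child-only write grant, the subdir_1 grant that cannot override the parent's disallowance, and the move rule. The class and function names, and the treatment of "@root/" as an alias for "/", are assumptions made for this illustration.

```python
from dataclasses import dataclass, field
from pathlib import PurePosixPath

READ, WRITE = "read", "write"


def _normalize(path: str) -> PurePosixPath:
    """Map the wiki's '@root/...' spelling and plain '/...' paths onto one form.

    Treating '@root' as '/' is an assumption of this example, not a documented rule.
    """
    if path.startswith("@root"):
        path = path[len("@root"):]
    return PurePosixPath("/" + path.strip("/"))


def _self_and_parents(path: str) -> list:
    """The path itself followed by every ancestor up to and including the root."""
    p = _normalize(path)
    return [str(p)] + [str(parent) for parent in p.parents]


@dataclass
class FileRestrictions:
    """Hypothetical model of the interpreter's per-path allow/disallow lists."""
    allowed: dict = field(default_factory=lambda: {READ: set(), WRITE: set()})
    disallowed: dict = field(default_factory=lambda: {READ: set(), WRITE: set()})

    def allow(self, mode: str, path: str) -> None:
        self.allowed[mode].add(str(_normalize(path)))

    def disallow(self, mode: str, path: str) -> None:
        self.disallowed[mode].add(str(_normalize(path)))

    def has(self, mode: str, path: str) -> bool:
        """Step 1: some grant on the path or an ancestor. Step 2: no disallowance anywhere on that chain."""
        chain = _self_and_parents(path)
        # Default deny: with no grant on the chain the user has no access at all.
        if not any(p in self.allowed[mode] for p in chain):
            return False
        # An explicit disallowance on the path or any parent wins, even over a grant further down.
        return not any(p in self.disallowed[mode] for p in chain)

    def can_move(self, src: str, dst: str) -> bool:
        """A move needs read+write on the source and write on the destination."""
        return self.has(READ, src) and self.has(WRITE, src) and self.has(WRITE, dst)


def wiki_example() -> FileRestrictions:
    """Read and write granted on the root, read disallowed on directory_1."""
    fr = FileRestrictions()
    fr.allow(READ, "@root/")
    fr.allow(WRITE, "@root/")
    fr.disallow(READ, "/directory_1")
    return fr


def hardened_example() -> FileRestrictions:
    """Same reads, but write granted only on the root's children, so the root itself cannot be deleted."""
    fr = FileRestrictions()
    fr.allow(READ, "/")
    fr.allow(WRITE, "/directory_1")
    fr.allow(WRITE, "/directory_2")
    fr.disallow(READ, "/directory_1")
    return fr


def subdir_grant_example() -> FileRestrictions:
    """The wiki example plus a read grant on /directory_1/subdir_1, which the parent's disallowance overrides."""
    fr = wiki_example()
    fr.allow(READ, "/directory_1/subdir_1")
    return fr


if __name__ == "__main__":
    fr = wiki_example()
    print("read  /directory_1/file_1        ->", fr.has(READ, "/directory_1/file_1"))
    print("read  /directory_2/file_1        ->", fr.has(READ, "/directory_2/file_1"))
    print("write /directory_1/subdir_1/file_2 ->", fr.has(WRITE, "/directory_1/subdir_1/file_2"))
    print("write / (delete the root)        ->", fr.has(WRITE, "/"))
    print("hardened: write /                ->", hardened_example().has(WRITE, "/"))
    print("subdir grant: read subdir_1/file_1 ->", subdir_grant_example().has(READ, "/directory_1/subdir_1/file_1"))
    print("move directory_2/file_2 -> directory_1/file_2 ->", fr.can_move("/directory_2/file_2", "/directory_1/file_2"))
    print("move directory_1/file_1 -> directory_2/file_1 ->", fr.can_move("/directory_1/file_1", "/directory_2/file_1"))
```

The check is deliberately order-independent between grants and disallowances: a disallowance anywhere on the ancestor chain blocks access regardless of how specific a later grant is, which is what makes the subdir_1 grant ineffective and why the root-write grant is dangerous.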
