File descriptor
In computer programming, a file descriptor is an abstract indicator for accessing a file. The term is generally used in POSIX operating systems. In Microsoft Windows terminology and in the context of the C standard I/O library, "file handle" is preferred, though the latter case is technically a different object (see below).
Unix-like systems typically provide the following operations on file descriptors:
- sendfile
- lseek, lseek64
- fstat, fstat64
- fchmod
- fchown
- fdopen
- gzdopen
- ftruncate
- fsync
- fdatasync
- fstatvfs
- dup2 (the new file descriptor will have the value passed as an argument)
- fcntl (F_DUPFD)
- fcntl (F_GETFD and F_SETFD)
- mmap (maps ranges of a file into the process's address space)
- lockf
- getsockname
- getpeername
- getsockopt
- setsockopt
- shutdown (shuts down one or both halves of a full duplex connection)
In POSIX, a file descriptor is an integer, specifically of the C type int. There are 3 standard POSIX file descriptors which presumably every process (save perhaps a daemon) should expect to have:
Integer value | Name |
---|---|
0 | Standard Input (stdin) |
1 | Standard Output (stdout) |
2 | Standard Error (stderr) |
Generally, a file descriptor is an index for an entry in a kernel-resident data structure containing the details of all open files. In POSIX this data structure is called a file descriptor table, and each process has its own file descriptor table. The user application passes the abstract key to the kernel through a system call, and the kernel will access the file on behalf of the application, based on the key. The application itself cannot read or write the file descriptor table directly.
In Unix-like systems, file descriptors can refer to files, directories, block or character devices (also called "special files"), sockets, FIFOs (also called named pipes), or unnamed pipes.
The FILE * file handle in the C standard I/O library routines is technically a pointer to a data structure managed by those library routines; one of those structures usually includes an actual low level file descriptor for the object in question on Unix-like systems. Since file handle refers to this additional layer, it is not interchangeable with file descriptor.
To further complicate terminology, Microsoft Windows also uses the term file handle to refer to the more low-level construct, akin to POSIX's file descriptors. Microsoft's C libraries also provide compatibility functions which "wrap" these native handles to support the POSIX-like convention of integer file descriptors as detailed above.
Operations on file descriptors
Modern Unix-like systems typically provide the following operations on file descriptors:
Creating file descriptors
- open, open64, creat, creat64
- socket
- socketpair
- pipe
Operations on a single file descriptor
- read, write
- readv, writev
- pread, pwrite
- recv, send
- recvmsg, sendmsg
Operations on multiple file descriptors
- select, pselect
- poll, epoll
- kqueue
Operations on the file descriptor table
- close
- dup
Operations that modify process state
- fchdir
File locking
- flock
- fcntl
Sockets
- connect
- bind
- listen
- accept
Miscellaneous
- ioctl
Upcoming operations
A series of new operations on file descriptors has been added to many modern Unix-like systems, as well as numerous C libraries, to be standardized in a future version of POSIX. The at suffix signifies that the function takes an additional first argument supplying a file descriptor from which relative paths are resolved, the forms lacking the at suffix thus becoming equivalent to passing a file descriptor corresponding to the current working directory. The purpose of these new operations is to defend against a certain class of TOCTTOU attacks.
- openat
- faccessat
- fchmodat
- fchownat
- fstatat
- futimesat
- linkat
- mkdirat
- mknodat
- readlinkat
- renameat
- symlinkat
- unlinkat
- mkfifoat
- fdopendir
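The difference between resolving a name a second time and resolving relative to a held directory descriptor, as an added example (not code from the original article): the hypothetical swap_demo() checks a directory, has its name re-pointed with renameat, then opens the same file both ways. The function names and the scratch directory under /tmp are constructed for the illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create directory dir under base, then file (a path inside it) holding byte c. */
static int put(int base, const char *dir, const char *file, char c) {
    if (mkdirat(base, dir, 0700) != 0) return -1;
    int fd = openat(base, file, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    ssize_t n = write(fd, &c, 1);
    close(fd);
    return n == 1 ? 0 : -1;
}

/* Read the first byte from fd, then close it. Returns -1 on any error. */
static int first_byte(int fd) {
    char c;
    if (fd < 0) return -1;
    ssize_t n = read(fd, &c, 1);
    close(fd);
    return n == 1 ? c : -1;
}

/* Check a directory, let its name be re-pointed, then use it both ways. */
int swap_demo(int *by_name, int *by_dirfd) {
    char tmpl[] = "/tmp/fd-at-demo-XXXXXX";      /* constructed scratch dir */
    int base = mkdtemp(tmpl) ? open(tmpl, O_RDONLY | O_DIRECTORY) : -1;
    if (base < 0 || put(base, "checked", "checked/f", 'A') ||
        put(base, "other", "other/f", 'B')) return -1;
    /* Time of check: pin the validated directory with a descriptor. */
    int dirfd = openat(base, "checked", O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (dirfd < 0) return -1;
    /* In between: the name "checked" is re-pointed at another directory. */
    if (renameat(base, "checked", base, "moved") ||
        renameat(base, "other", base, "checked")) return -1;
    /* Time of use: the name is resolved again, the descriptor is not. */
    *by_name = first_byte(openat(base, "checked/f", O_RDONLY));
    *by_dirfd = first_byte(openat(dirfd, "f", O_RDONLY | O_NOFOLLOW));
    close(dirfd); close(base);
    return 0;
}

int main(void) {
    int n = 0, d = 0, rc = swap_demo(&n, &d);
    if (rc == 0) printf("by name: %c, by dirfd: %c\n", n, d);
    return rc != 0;
}
```

The lookup by name reaches the file in the swapped-in directory, while openat through the held descriptor still reaches the file in the directory that was checked. The scratch directory is left in /tmp.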
The Native API of the Windows NT family of operating systems also allows callers to specify a root directory when they open a file or other object by name.
File descriptors as capabilities
Unix file descriptors behave in many ways as capabilities. They can be passed between processes across Unix domain sockets using the sendmsg system call. Note, however, that what is actually passed is a reference to an "open file description" that has mutable state (the file offset, and the file status and access flags). This complicates the secure use of file descriptors as capabilities, since when programs share access to the same open file description, they can interfere with each other's use of it by changing its offset or whether it is blocking or non-blocking, for example (see http://www.eros-os.org/pipermail/cap-talk/2009-February/012137.html and http://homepage.ntlworld.com/jonathan.deboynepollard/FGA/dont-set-shared-file-descriptors-to-non-blocking-mode.html). In operating systems that are specifically designed as capability systems, there is very rarely any mutable state associated with a capability itself.
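An added example (not from the original article) of the shared open file description: a descriptor is passed over a socketpair with sendmsg and SCM_RIGHTS, the receiver reads from it and sets O_NONBLOCK, and the sender's descriptor shows both changes. The helper names, the temporary file and its contents are constructed for the illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Control buffer sized and aligned for exactly one descriptor. */
typedef union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr a; } ctl_t;

/* Pass fd over a Unix domain socket as SCM_RIGHTS ancillary data. */
static int send_fd(int sock, int fd) {
    char byte = 0;
    ctl_t ctl = {{0}};
    struct iovec iov = { &byte, 1 };
    struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
                        .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&m);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof fd);
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    return sendmsg(sock, &m, 0) == 1 ? 0 : -1;
}

/* Receive one descriptor; returns its number in this process, or -1. */
static int recv_fd(int sock) {
    char byte;
    ctl_t ctl;
    int fd = -1;
    struct iovec iov = { &byte, 1 };
    struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
                        .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    struct cmsghdr *c = recvmsg(sock, &m, 0) == 1 ? CMSG_FIRSTHDR(&m) : NULL;
    if (c && c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_RIGHTS)
        memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

/* Bit 0: the receiver's read moved the sender's offset. Bit 1: its O_NONBLOCK shows too. */
int shared_state_demo(void) {
    char tmpl[] = "/tmp/fd-cap-demo-XXXXXX", buf[3];  /* constructed file */
    int sv[2], got, r, orig = mkstemp(tmpl);
    if (orig < 0 || pwrite(orig, "abcdef", 6, 0) != 6 || unlink(tmpl)) return -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) || send_fd(sv[0], orig) ||
        (got = recv_fd(sv[1])) < 0) return -1;
    if (read(got, buf, 3) != 3 || fcntl(got, F_SETFL, O_NONBLOCK) < 0) return -1;
    r = (lseek(orig, 0, SEEK_CUR) == 3) | ((fcntl(orig, F_GETFL) & O_NONBLOCK) ? 2 : 0);
    close(got); close(orig); close(sv[0]); close(sv[1]);
    return r;
}
```

A holder that must not be affected by the other side's offset can use pread and pwrite, which take an explicit offset, or open its own description of the file.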
A Unix process' file descriptor table is an example of a C-list.