In computer programming , a handle is an abstract reference to a resource that is used when application software references blocks of memory or objects that are managed by another system like a database or an operating system .
26-515: A resource handle can be an opaque identifier , in which case it is often an integer number (often an array index in an array or "table" that is used to manage that type of resource), or it can be a pointer that allows access to further information. Common resource handles include file descriptors , network sockets , database connections , process identifiers (PIDs), and job IDs . PIDs and job IDs are explicitly visible integers; while file descriptors and sockets (which are often implemented as
52-399: A file descriptor, depending on the command argument passed to it. There are commands to get and set attributes associated with a file descriptor, including F_GETFD, F_SETFD, F_GETFL and F_SETFL . A series of new operations has been added to many modern Unix-like systems, as well as numerous C libraries, to be standardized in a future version of POSIX . The at suffix signifies that
78-426: A file system. As well as regular files, this includes directories , block and character devices (also called "special files"), Unix domain sockets , and named pipes . File descriptors can also refer to other objects that do not normally exist in the file system, such as anonymous pipes and network sockets . The FILE data structure in the C standard I/O library usually includes a low level file descriptor for
104-422: A filename is forgeable (it is just a guessable identifier), a handle is given to a user by an external system, and thus represents not just identity, but also granted access. For example, if a program wishes to read the system password file ( /etc/passwd ) in read/write mode ( O_RDWR ), it could try to open the file via the following call: This call asks the operating system to open the specified file with
130-404: A form of file descriptor) are represented as integers, they are typically considered opaque. In traditional implementations, file descriptors are indices into a (per-process) file descriptor table , thence a (system-wide) file table . While a pointer contains the address of the item to which it refers, a handle is an abstraction of a reference which is managed externally; its opacity allows
156-404: A third table called the inode table that describes the actual underlying files. To perform input or output, the process passes the file descriptor to the kernel through a system call , and the kernel will access the file on behalf of the process. The process does not have direct access to the file or inode tables. On Linux , the set of file descriptors open in a process can be accessed under
182-493: Is a process-unique identifier ( handle ) for a file or other input/output resource , such as a pipe or network socket . File descriptors typically have non-negative integer values, with negative values being reserved to indicate "no value" or error conditions. File descriptors are a part of the POSIX API . Each Unix process (except perhaps daemons ) should have three standard POSIX file descriptors, corresponding to
208-447: Is a type of software bug that occurs when a computer program does not free a handle that it previously allocated. This is a form of resource leak , analogous to a memory leak for previously allocated memory. In secure computing terms, because access to a resource via a handle is mediated by another system, a handle functions as a capability : it not only identifies an object, but also associates access rights . For example, while
234-420: Is missing in the interface may be declared in its implementation , or in another "friends-only" interface. This second option allows the hidden information to be shared by two or more modules. This computer science article is a stub . You can help Misplaced Pages by expanding it . File handle In Unix and Unix-like computer operating systems, a file descriptor ( FD , less frequently fildes )
260-422: The sendmsg () system call. Note, however, that what is actually passed is a reference to an "open file description" that has mutable state (the file offset, and the file status and access flags). This complicates the secure use of file descriptors as capabilities, since when programs share access to the same open file description, they can interfere with each other's use of it by changing its offset or whether it
286-447: The POSIX standard for threads defines an application programming interface based on a number of opaque types that represent threads or synchronization primitives like mutexes or condition variables . An opaque pointer is a special case of an opaque data type, a datatype that is declared to be a pointer to a record or data structure of some unspecified data type. For example,
SECTION 10
#1733085186876312-475: The confused deputy problem . Handles were a popular solution to memory management in operating systems of the 1990s, such as Mac OS and Windows . The FILE data structure in the C standard I/O library is a file handle , abstracting from the underlying file representation (on Unix these are file descriptors ). Like other desktop environments , the Windows API heavily uses handles to represent objects in
338-448: The standard library that forms part of the specification of the C programming language provides functions for file input and output that return or take values of type "pointer to FILE " that represent file streams (see C file input/output ), but the concrete implementation of the type FILE is not specified. Some languages, such as C , allow the declaration of opaque records (structs), whose size and fields are hidden from
364-454: The client. The only thing that the client can do with an object of such a type is to take its memory address , to produce an opaque pointer . If the information provided by the interface is sufficient to determine the type's size, then clients can declare variables , fields , and arrays of that type, assign their values, and possibly compare them for equality. This is usually the case for opaque pointers. In some languages, such as Java ,
390-487: The function takes an additional first argument supplying a file descriptor from which relative paths are resolved, the forms lacking the at suffix thus becoming equivalent to passing a file descriptor corresponding to the current working directory . The purpose of these new operations is to defend against a certain class of TOCTOU attacks. Unix file descriptors behave in many ways as capabilities . They can be passed between processes across Unix domain sockets using
416-483: The handle must be something other than a systemwide-unique small integer, otherwise it is forgeable. Such an integer may nevertheless be used to identify a capability inside a process; e.g., file descriptor in Linux is unforgeable because its numerical value alone is meaningless, and only in the process context may refer to anything. Transferring such a handle requires special care though, as its value often has to be different in
442-428: The missing information. The concrete representation of the type is hidden from its users, and the visible implementation is incomplete. A data type whose representation is visible is called transparent . Opaque data types are frequently used to implement abstract data types . Typical examples of opaque data types include handles for resources provided by an operating system to application software . For example,
468-435: The object in question on Unix-like systems. The overall data structure provides additional abstraction and is instead known as a file handle . The following lists typical operations on file descriptors on modern Unix-like systems. Most of these functions are declared in the <unistd.h> header, but some are in the <fcntl.h> header instead. The fcntl() function is used to perform various operations on
494-489: The only kind of opaque type provided is the opaque pointer. Indeed, in Java (and several other languages) records are always handled through pointers. Some languages allow partially opaque types, e.g. a record which has some public fields, known and accessible to all clients, and some hidden fields which are not revealed in the interface. Such types play a fundamental role in object-oriented programming . The information which
520-416: The path /proc/PID/fd/ , where PID is the process identifier . File descriptor /proc/PID/fd/0 is stdin , /proc/PID/fd/1 is stdout , and /proc/PID/fd/2 is stderr . As a shortcut to these, any running process can also access its own file descriptors through the folders /proc/self/fd and /dev/fd . In Unix-like systems, file descriptors can refer to any Unix file type named in
546-410: The referent to be relocated in memory by the system without invalidating the handle, making it similar to virtual memory for pointers, but even more abstracted. Similarly, the extra layer of indirection also increases the control that the managing system has over the operations performed on the referent. Typically the handle is an index or a pointer into a global array of tombstones . A handle leak
SECTION 20
#1733085186876572-424: The sending and receiving processes. In non-capability-based systems, on the other hand, each process must acquire its own separate handle, by specifying the identity of the resource and the desired access rights (e.g., each process must open a file itself, by giving the filename and access mode). Such usage is more common even in modern systems that do support passing handles, but it is subject to vulnerabilities like
598-553: The specified access rights. If the OS allows this, then it opens the file (creates an entry in the per-process file descriptor table ) and returns a handle (file descriptor, index into this table) to the user: the actual access is controlled by the OS, and the handle is a token of that. Conversely, the OS may deny access, and thus neither open the file nor return a handle. In a capability-based system, handles can be passed between processes, with associated access rights. Note that in these cases
624-437: The system and to provide a communication pathway between the operating system and user space . For example, a window on the desktop is represented by a handle of type HWND (handle, window). Doubly indirect handles (where the handle is not necessarily a pointer but might be, for example, an integer) have fallen out of favor in recent times, as increases in available memory and improved virtual memory algorithms have made
650-448: The three standard streams : In the traditional implementation of Unix, file descriptors index into a per-process file descriptor table maintained by the kernel, that in turn indexes into a system-wide table of files opened by all processes, called the file table . This table records the mode with which the file (or other resource) has been opened: for reading, writing, appending, and possibly other modes. It also indexes into
676-528: The use of the simpler pointer more attractive. However, many operating systems still apply the term to pointers to opaque, "private" data structures β opaque pointers βor to indexes into internal arrays passed from one process to its client . Opaque data type In computer science , an opaque data type is a data type whose concrete data structure is not defined in an interface . This enforces information hiding , since its values can only be manipulated by calling subroutines that have access to
#875124