36:
355:
In a capability-based system, handles can be passed between processes, with associated access rights. Note that in these cases the handle must be something other than a systemwide-unique small integer, otherwise it is forgeable. Such an integer may nevertheless be used to identify a capability inside
356:
a process; e.g., file descriptor in Linux is unforgeable because its numerical value alone is meaningless, and only in the process context may refer to anything. Transferring such a handle requires special care though, as its value often has to be different in the sending and receiving processes.
359:
In non-capability-based systems, on the other hand, each process must acquire its own separate handle, by specifying the identity of the resource and the desired access rights (e.g., each process must open a file itself, by giving the filename and access mode). Such usage is more common even in
210:. PIDs and job IDs are explicitly visible integers; while file descriptors and sockets (which are often implemented as a form of file descriptor) are represented as integers, they are typically considered opaque. In traditional implementations, file descriptors are indices into a (per-process)
426:
handles (where the handle is not necessarily a pointer but might be, for example, an integer) have fallen out of favor in recent times, as increases in available memory and improved
344:
This call asks the operating system to open the specified file with the specified access rights. If the OS allows this, then it opens the file (creates an entry in the per-process
246:
also increases the control that the managing system has over the operations performed on the referent. Typically the handle is an index or a pointer into a global array of
238:
of a reference which is managed externally; its opacity allows the referent to be relocated in memory by the system without invalidating the handle, making it similar to
430:
algorithms have made the use of the simpler pointer more attractive. However, many operating systems still apply the term to pointers to opaque, "private"
348:) and returns a handle (file descriptor, index into this table) to the user: the actual access is controlled by the OS, and the handle is a
508:
423:
408:
heavily uses handles to represent objects in the system and to provide a communication pathway between the operating system and
100:
72:
53:
79:
119:
86:
484:
20:
235:
227:
187:
57:
68:
261:
that occurs when a computer program does not free a handle that it previously allocated. This is a form of
141:
281:
terms, because access to a resource via a handle is mediated by another system, a handle functions as a
283:
361:
352:
of that. Conversely, the OS may deny access, and thus neither open the file nor return a handle.
247:
46:
360:
modern systems that do support passing handles, but it is subject to vulnerabilities like the
291:. For example, while a filename is forgeable (it is just a guessable identifier), a handle is
93:
345:
211:
153:
149:
133:
23:. For the element in a graphical user interface that is dragged to resize or reshape, see
8:
523:
439:
401:
199:
443:
203:
157:
381:
373:
278:
186:
in an array or "table" that is used to manage that type of resource), or it can be a
24:
413:
172:
165:
397:
295:
to a user by an external system, and thus represents not just identity, but also
191:
145:
480:
460:
435:
431:
427:
288:
239:
231:
195:
517:
262:
349:
258:
190:
that allows access to further information. Common resource handles include
455:
405:
389:
266:
254:
243:
183:
409:
215:
175:
242:
for pointers, but even more abstracted. Similarly, the extra layer of
35:
302:
For example, if a program wishes to read the system password file (
161:
179:
377:
207:
385:
393:
392:, abstracting from the underlying file representation (on
310:), it could try to open the file via the following call:
287:: it not only identifies an object, but also associates
160:
or objects that are managed by another system like a
438:—or to indexes into internal arrays passed from one
16:
Abstract reference to a system resource in computing
60:. Unsourced material may be challenged and removed.
515:
234:of the item to which it refers, a handle is an
376:in operating systems of the 1990s, such as
479:
221:
120:Learn how and when to remove this message
516:
509:Pushing the Limits of Windows: Handles
58:adding citations to reliable sources
29:
416:is represented by a handle of type
372:Handles were a popular solution to
13:
14:
535:
502:
486:The Original Macintosh: Hungarian
384:. The FILE data structure in the
269:for previously allocated memory.
34:
412:. For example, a window on the
178:, in which case it is often an
45:needs additional citations for
473:
1:
466:
171:A resource handle can be an
7:
449:
367:
272:
10:
540:
18:
214:, thence a (system-wide)
312:
19:Not to be confused with
362:confused deputy problem
330:"/etc/passwd"
69:"Handle" computing
386:C standard I/O library
306:) in read/write mode (
222:Comparison to pointers
346:file descriptor table
212:file descriptor table
402:desktop environments
200:database connections
150:application software
134:computer programming
54:improve this article
204:process identifiers
420:(handle, window).
148:that is used when
374:memory management
265:, analogous to a
182:number (often an
130:
129:
122:
104:
25:Adjustment handle
531:
496:
495:
494:
493:
483:(January 1982),
477:
419:
398:file descriptors
340:
337:
334:
331:
328:
325:
322:
319:
316:
309:
305:
279:secure computing
192:file descriptors
166:operating system
125:
118:
114:
111:
105:
103:
62:
38:
30:
539:
538:
534:
533:
532:
530:
529:
528:
514:
513:
505:
500:
499:
491:
489:
481:Hertzfeld, Andy
478:
474:
469:
452:
436:opaque pointers
432:data structures
424:Doubly indirect
417:
370:
342:
341:
338:
335:
332:
329:
326:
323:
320:
317:
314:
307:
303:
275:
224:
196:network sockets
140:is an abstract
126:
115:
109:
106:
63:
61:
51:
39:
28:
17:
12:
11:
5:
537:
527:
526:
512:
511:
504:
503:External links
501:
498:
497:
471:
470:
468:
465:
464:
463:
461:Weak reference
458:
451:
448:
428:virtual memory
400:). Like other
369:
366:
313:
274:
271:
240:virtual memory
223:
220:
128:
127:
42:
40:
33:
15:
9:
6:
4:
3:
2:
536:
525:
522:
521:
519:
510:
507:
506:
488:
487:
482:
476:
472:
462:
459:
457:
454:
453:
447:
445:
441:
437:
433:
429:
425:
421:
415:
411:
407:
403:
399:
395:
391:
387:
383:
379:
375:
365:
363:
357:
353:
351:
347:
311:
300:
298:
294:
290:
289:access rights
286:
285:
280:
270:
268:
264:
263:resource leak
260:
257:is a type of
256:
251:
249:
245:
241:
237:
233:
230:contains the
229:
219:
217:
213:
209:
205:
201:
197:
193:
189:
185:
181:
177:
174:
169:
167:
163:
159:
155:
151:
147:
143:
139:
135:
124:
121:
113:
102:
99:
95:
92:
88:
85:
81:
78:
74:
71: –
70:
66:
65:Find sources:
59:
55:
49:
48:
43:This article
41:
37:
32:
31:
26:
22:
490:, retrieved
485:
475:
422:
371:
358:
354:
343:
301:
296:
292:
282:
276:
259:software bug
252:
225:
206:(PIDs), and
170:
137:
131:
116:
107:
97:
90:
83:
76:
64:
52:Please help
47:verification
44:
456:Memory pool
406:Windows API
390:file handle
304:/etc/passwd
267:memory leak
255:handle leak
244:indirection
236:abstraction
184:array index
152:references
524:Data types
492:2010-05-10
467:References
410:user space
396:these are
284:capability
248:tombstones
216:file table
176:identifier
110:April 2014
80:newspapers
142:reference
518:Category
450:See also
368:Examples
299:access.
273:Security
226:While a
162:database
146:resource
21:Handlers
442:to its
440:process
414:desktop
382:Windows
297:granted
232:address
228:pointer
208:job IDs
188:pointer
180:integer
94:scholar
444:client
404:, the
378:Mac OS
336:O_RDWR
308:O_RDWR
173:opaque
164:or an
158:memory
154:blocks
138:handle
96:
89:
82:
75:
67:
388:is a
350:token
293:given
144:to a
101:JSTOR
87:books
418:HWND
394:Unix
380:and
324:open
136:, a
73:news
315:int
277:In
156:of
132:In
56:by
520::
446:.
364:.
339:);
318:fd
253:A
250:.
218:.
202:,
198:,
194:,
168:.
434:—
333:,
327:(
321:=
123:)
117:(
112:)
108:(
98:·
91:·
84:·
77:·
50:.
27:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.