From 06ad6cdfac21bf4ba820031d9986b253e269ea39 Mon Sep 17 00:00:00 2001
From: Michael Kerrisk <mtk.manpages@gmail.com>
Date: Sun, 15 Nov 2020 12:21:55 +0100
Subject: [PATCH] access.2: BUGS: note that faccessat() wrapper function
 emulation ignores ACLs

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
---
 man2/access.2 | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/man2/access.2 b/man2/access.2
index 0edf23c9b..1f9f1417a 100644
--- a/man2/access.2
+++ b/man2/access.2
@@ -348,7 +348,8 @@ flags are actually implemented within the glibc wrapper function for
 .BR faccessat ().
 If either of these flags is specified, then the wrapper function employs
 .BR fstatat (2)
-to determine access permissions.
+to determine access permissions, but see BUGS.
+.\"
 .SS Glibc notes
 On older kernels where
 .BR faccessat ()
@@ -368,6 +369,19 @@ that corresponds to the
 .IR dirfd
 argument.
 .SH BUGS
+Because the Linux kernel's
+.BR faccessat ()
+system call does not support a
+.I flags
+argument, the glibc
+.BR faccessat ()
+wrapper function emulates the required functionality using
+a combination of the
+.BR faccessat ()
+system call and
+.BR fstatat (2).
+However, this emulation does not take ACLs into account.
+.PP
 In kernel 2.4 (and earlier) there is some strangeness in the handling of
 .B X_OK
 tests for superuser.