HOME
TheInfoList



In
computer programming Computer programming is the process of designing and building an executable computer program to accomplish a specific computing result or to perform a specific task. Programming involves tasks such as: analysis, generating algorithms, Profiling ...
, a handle is an abstract
reference Reference is a relationship between objects in which one object designates, or acts as a means by which to connect to or link to, another object. The first object in this relation is said to ''refer to'' the second object. It is called a ''name ...
to a
resource A resource is a source or supply from which a benefit is produced and that has some utility. Resources can broadly be classified upon their availability — they are classified into renewable and non-renewable resources. They can also be classif ...
that is used when
application software Application software (app for short) is computing software designed to carry out a specific task other than one relating to the operation of the computer itself, typically to be used by end-users. Examples of an application include a word proce ...
references blocks of
memory Memory is the faculty of the brain by which data or information is encoded, stored, and retrieved when needed. It is the retention of information over time for the purpose of influencing future action. If Foresight (psychology), past events cou ...
or objects that are managed by another system like a
database A database is an organized collection of data Data are units of information Information can be thought of as the resolution of uncertainty; it answers the question of "What an entity is" and thus defines both its essence and the nature ...
or an
operating system An operating system (OS) is system software that manages computer hardware, computer software, software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), sch ...
. A resource handle can be an opaque
identifier An identifier is a name that identifies (that is, labels the identity of) either a unique object or a unique ''class'' of objects, where the "object" or class may be an idea, physical countable object (or class thereof), or physical mass noun, nonc ...
, in which case it is often an
integer An integer (from the Latin wikt:integer#Latin, ''integer'' meaning "whole") is colloquially defined as a number that can be written without a Fraction (mathematics), fractional component. For example, 21, 4, 0, and −2048 are integers, while 9 ...
number (often an
array index ARRAY, also known as ARRAY Now, is an independent distribution company launched by film maker and former publicist Ava DuVernay in 2010 under the name African-American Film Festival Releasing Movement (AFFRM). In 2015 the company rebranded itsel ...
in an array or "table" that is used to manage that type of resource), or it can be a pointer that allows access to further information. Common resource handles include
file descriptorIn Unix and related computer operating systems, a file descriptor (FD, less frequently fildes) is an abstract indicator ( handle) used to access a file or other input/output System resource, resource, such as a pipe (Unix), pipe or network socket. ...
s,
network socket Network and networking may refer to: Arts, entertainment, and media * Network (1976 film), ''Network'' (1976 film), a 1976 American film * Network (2019 film), ''Network'' (2019 film), an Indian film * Network (album), ''Network'' (album), a 2004 ...
s,
database connectionA Database connection is a facility in computer science that allows Client (computing), client software to talk to database server software, whether on the same machine or not. A connection is required to send command (computing), commands and recei ...
s,
process identifier In computing Computing is any goal-oriented activity requiring, benefiting from, or creating computing machinery. It includes the study and experimentation of algorithmic processes and development of both computer hardware , hardware and software ...
s (PIDs), and job IDs. PIDs and job IDs are explicitly visible integers; while file descriptors and sockets (which are often implemented as a form of file descriptor) are represented as integers, they are typically considered opaque. In traditional implementations, file descriptors are indices into a (per-process) file descriptor table, thence a (system-wide) file table.


Comparison to pointers

While a pointer contains the memory address, address of the item to which it refers, a handle is an abstraction (computer science), abstraction of a reference which is managed externally; its opacity allows the referent to be relocated in memory by the system without invalidating the handle, which is impossible with pointers. The extra layer of indirection also increases the control that the managing system has over the operations performed on the referent. Typically the handle is an index or a pointer into a global array of tombstone (programming), tombstones. A handle leak is a type of software bug that occurs when a computer program asks for a handle to a resource but does not free the handle when it is no longer used; this is a form of resource leak, similar to a memory leak for a pointer to memory.


Security

In Computer security, secure computing terms, because access to a resource via a handle is mediated by another system, a handle functions as a ''Capability-based security, capability'': it not only identifies an object, but also associates access control, access rights. For example, while a filename is forgeable (it is just a guessable identifier), a handle is ''given'' to a user by an external system, and thus represents not just identity, but also ''granted'' access. For example, if a program wishes to read the system password file (/etc/passwd) in read/write mode (O_RDWR), it could try to open the file via the following call: int fd = open("/etc/passwd", O_RDWR); This call asks the operating system to open the specified file with the specified access rights. If the OS allows this, then it opens the file (creates an entry in the per-process file descriptor table) and returns a handle (file descriptor, index into this table) to the user: the actual access is controlled by the OS, and the handle is a access token, token of that. Conversely, the OS may deny access, and thus neither open the file nor return a handle. In a capability-based system, handles can be passed between processes, with associated access rights. Note that in these cases the handle must be something other than a systemwide-unique small integer, otherwise it is forgeable. Such an integer may nevertheless be used to identify a capability inside a process; e.g., file descriptor in Linux is unforgeable because its numerical value alone is meaningless, and only in the process context may refer to anything. Transferring such a handle requires special care though, as its value often has to be different in the sending and receiving processes. In non-capability-based systems, on the other hand, each process must acquire its own separate handle, by specifying the identity of the resource and the desired access rights (e.g., each process must open a file itself, by giving the filename and access mode). Such usage is more common even in modern systems that do support passing handles, but it is subject to vulnerabilities like the confused deputy problem.


Examples

Handles were a popular solution to memory management in operating systems of the 1980s, such as Mac OS and Microsoft Windows, Windows. The FILE data structure in the stdio, C standard I/O library is a file handle, abstracting from the underlying file representation (on Unix these are
file descriptorIn Unix and related computer operating systems, a file descriptor (FD, less frequently fildes) is an abstract indicator ( handle) used to access a file or other input/output System resource, resource, such as a pipe (Unix), pipe or network socket. ...
s). Like other desktop environments, the Windows API heavily uses handles to represent objects in the system and to provide a communication pathway between the operating system and user space. For example, a window on the Desktop metaphor, desktop is represented by a handle of type HWND (handle, window). Pointer (computer programming)#Multiple indirection, Doubly indirect handles have fallen out of favour in recent times, as increases in available memory and improved virtual memory algorithms have made the use of the simpler pointer more attractive. However, many operating systems still apply the term to pointers to opaque, "private" data structures—opaque pointers—or to indexes into internal arrays passed from one process (computing), process to its client (computing), client.


See also

* Memory pool * Weak reference


References

{{reflist


External links


Pushing the Limits of Windows: Handles
Data types