[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: proposed fix for some race conditions in mkdir and install
|
From: |
Eric Blake |
|
Subject: |
Re: proposed fix for some race conditions in mkdir and install |
|
Date: |
Fri, 15 Sep 2006 20:39:37 -0600 |
|
User-agent: |
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7) Gecko/20060909 Thunderbird/1.5.0.7 Mnenhy/0.7.4.666 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
According to Paul Eggert on 9/15/2006 4:39 PM:
> Like most utilities, mkdir and install are vulnerable to race
> conditions involving file names, e.g., if given a file name that
> resolves through a non-sticky directory that is writeable by some
> other user. Here's a patch to fix that, just for these two utilities.
> It's a bit outre, since it requires forking off a subprocess in some
> cases, but it should resist the race condtions better.
Interesting; looks complex, but I agree that there isn't really any good
alternative algorithm that achieves O(n) processing when chdir won't work.
Would it make sense to depend on the fatal-signal or wait-process module,
so that you can kill the child process when the parent is sent a catchable
fatal signal?
- --
Life is short - so eat dessert first!
Eric Blake address@hidden
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (Cygwin)
Comment: Public key at home.comcast.net/~ericblake/eblake.gpg
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFC2Po84KuGfSFAYARAm8UAKCzhJgbSEtYXkdltv0UydR5hwar6ACeNrOM
jF3HYH/dwv12t26+YbFR9+0=
=XEfK
-----END PGP SIGNATURE-----