[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: install.c: please set unlink_dest_before_opening=false
From: |
Robert Millan [ackstorm] |
Subject: |
Re: install.c: please set unlink_dest_before_opening=false |
Date: |
Thu, 1 Mar 2007 12:20:30 +0100 |
User-agent: |
Mutt/1.5.13 (2006-08-11) |
On Thu, Mar 01, 2007 at 11:46:09AM +0100, Jim Meyering wrote:
>
> The proposed change has another disadvantage.
>
> If we don't break destination hard links, then we must write
> directly to the destination file, and that cannot be done atomically.
> This would definitely have security implications, so we can't
> change GNU install's default.
Why would that have security implications? Once you open the file for
writing, nobody can do anything else with it. From this POV, it is
as if the write were atomical.
OTOH, kernel implementations don't necessarily have to do that, but
I suppose if they opt for not doing it they'll provide some means to
preserve security?
--
Robert Millan
ACK STORM, S.L. - http://www.ackstorm.es/