This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] [BZ #18433] Check file access/existence before forking.

From: navid Rahimi <rahimi dot nv at gmail dot com>
To: Zack Weinberg <zackw at panix dot com>
Cc: libc-alpha at sourceware dot org
Date: Fri, 11 Sep 2015 02:08:19 +0430
Subject: Re: [PATCH] [BZ #18433] Check file access/existence before forking.
Authentication-results: sourceware.org; auth=none
References: <55F19819 dot 3010601 at gmail dot com> <ACDB9D4B-30B6-46C1-9286-5F03594CEACC at panix dot com>

On Thu, Sep 10, 2015 at 7:32 PM, Zack Weinberg <zackw@panix.com> wrote:
> Why is a TOCTOU race acceptable and/or unavoidable? Also, why is a check using the real rather than the effective credentials correct here?

Because of nature of lock in unix (being advisory) I think there is no
way to lock file and prevent TOCTOU, even if we had lock mechanism ,
it is cumbersome (and almost impossible) to design in correctly.
Because for preventing TOCTOU we should keep lock until execve , and
after that point so many question will raise , "what will happen to
lock in execve ?" or "does child process has lock also ?"

About using real rather effective credentials , it was my mistake ,
euidaccess would be more appropriate .

Follow-Ups:
- Re: [PATCH] [BZ #18433] Check file access/existence before forking.
  - From: Zack Weinberg

References:
- [PATCH] [BZ #18433] Check file access/existence before forking.
  - From: Navid Rahimi
- Re: [PATCH] [BZ #18433] Check file access/existence before forking.
  - From: Zack Weinberg

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]