"Robert Millan [ackstorm]" <[EMAIL PROTECTED]> wrote: > On Thu, Mar 01, 2007 at 11:46:09AM +0100, Jim Meyering wrote: >> >> The proposed change has another disadvantage. >> >> If we don't break destination hard links, then we must write >> directly to the destination file, and that cannot be done atomically. >> This would definitely have security implications, so we can't >> change GNU install's default. > > Why would that have security implications? Once you open the file for > writing, nobody can do anything else with it. From this POV, it is > as if the write were atomical.
Someone can certainly read it. Imagine we're installing a file that will serve as an access control list. Depending on the layout/semantics of the file, letting processes use an incomplete copy might be equivalent to granting access to everyone. _______________________________________________ Bug-coreutils mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-coreutils
