On Wed, Mar 30, 2011 at 08:52:26AM -0700, Cathey, Jim wrote: > One system I used, DNIX, would push an unlinked executing binary > into swap space, then do the FS deletion. Was actually pretty nice, > it 'just worked'. Once the last executing process died the swap > space was released. There was very little extra kernel code > involved, it just exploited existing mechanisms. I'm surprised > that Linux doesn't do this, actually.
This is somewhat difficult or impossible to do in a conformant way. Each open file has a device and inode number which cannot change for its lifetime, which are important identifiers that may be used in security-critical ways. Even if the orphaned file is moved to swap, and even if the kernel arranges to keep spoofing the old device and inode number, the real inode on the device where the file originally resided must remain locked and not be reused until the last reference to the deleted file is gone. Thus there's still a pending write operation on the original device, if you want to avoid leaking inodes. Rich _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
