On 16/03/2014 03:06, Rich Felker wrote:
/tmp is not suitable for this; you can never assume the ability to create a fixed-name file in /tmp, since the namespace of /tmp is shared on a first-come, first-served basis. Any programs using /tmp except for creating randomly-named files there are buggy.
Hm, indeed. Unix/FHS/whatever lacks a guaranteed writable and boot-time-available directory just for root. / is not guaranteed writable, and should not be. /var/* is not guaranteed available at boot time. /tmp is not reserved to root. I have such a directory on my systems (/mnt/tmpfs, 0755, with /tmp actually being a symlink to /mnt/tmpfs/tmp, 1777). Some distributions use an initramfs and create /lib/rw (ugh). Unfortunately, nothing is standardized... Maybe we could use /dev ? Ha ha, only serious.
It would probably be suitable to skip the check if the appropriate directory under /var does not exist (but not just if opening it fails for a reason other than non-existence, since you don't want, e.g., fd-exhaustion attacks to let an attacked bypass the rate-limiting).
In the absence of a suitable directory other than /var/*, this is probably the best solution. -- Laurent _______________________________________________ busybox mailing list [email protected] http://lists.busybox.net/mailman/listinfo/busybox
