> here i disagree. > > 1. if we copy a file as its downloading - we want to get the rest of the file > that was appended to after the copy began, if we can. > 2. try this with cp. cp behaves like efm. if you're telling me this is a > security issue.. then it's a security issue in cp too.. and been there for a > loooooooooooooong time. :) (i tested it) :) > 3. this is only an issue if write rates to file 1 can exceed those to file 2. > 4. it cant be going on forever as eventually filesystem fills up and first > file > stops filling up. :)
Ok. Do as you want. I think this is more 'clean' to copy only the size of the file. I keep this for me. > 1. your check for "type" wont detect if inode/mode etc. etc. etc. match which > is actually possible given symlink vs dest file. :) so you still have your > "race". it's just a bit more selective > 2. the solution to this is actually to unlink then open with O_CREAT|O_EXCL. > :) or.. O_NOFOLLOW (freebsd extn also supported in linux) :) also throw > in O_TRUNC as that's what we want in the above open will fail if someone > slipped in a file or symlink in between > 1. I don't very understand what you're telling me. If we replace the file by a symlink, _it is detected_. I hope this is clearer: https://www.securecoding.cert.org/confluence/display/seccode/POS35-C.+Avoid+race+conditions+while+checking+for+the+existence+of+a+symbolic+link 2. Mmhhh... Strange solution. It erases data. And I already open file with O_WRONLY | O_CREAT | O_EXCL , so if file already exists, it launches a dialog telling this (even if it's a symlink), instead of simply erase data by using unlink(). Maxime PS: I leave my home for ~2 weeks, and I'm not sure I will have internet where I go. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
