On 06 Oct 2010, at 11:05, Michael Van Canneyt wrote:

On Wed, 6 Oct 2010, Jonas Maebe wrote:

On 06 Oct 2010, at 09:41, Michael Van Canneyt wrote:

This is always true on Unix; the only way to make sure is to have the kernel create the temporary name and file for you. Unix - to my knowledge - does not have a way to create and lock a file in one atomic operation; there are always 2 operations involved, and so anything can happen between the 2 calls.

You can at least open a file with O_CREAT|O_EXCL|O_NOFOLLOW to make sure that it does not yet exist at the point that you create it (and that it's not a symlink either).

This is correct, but doesn't lock the file,

Locking is always advisory on Unix, so that doesn't matter anyway.

and so it doesn't prevent someone from 'stealing' the file before the lock is applied.

Nobody else can steal the file once you have created it, because they won't be the owner nor have the necessary permissions. That is the main security risk and it is solved by this approach. The fact that another process running under your login not using O_EXCL could overwrite it is not an extra security risk (if you have a rogue process running under your login, nothing that you do is safe because it can use ptrace to modify any process in any way it sees fit anyway).


Jonas
_______________________________________________
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
http://lists.freepascal.org/mailman/listinfo/fpc-pascal
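
The exclusive-create approach discussed in this thread, as an added example in C (not code from the thread or from Free Pascal). The helper names `create_exclusive`, `create_temp` and `demo`, and the paths under `/tmp`, are hypothetical and constructed for the illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* O_CREAT|O_EXCL: the kernel checks for an existing entry and creates the
   file as one step; a pre-planted symlink gives EEXIST, it is not followed. */
int create_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Hypothetical helper: try candidate names in dir until one is created.
   A name that is already taken only costs a retry. Returns fd or -1. */
int create_temp(const char *dir, char *name, size_t len)
{
    for (int i = 0; i < 100; i++) {
        snprintf(name, len, "%s/tmp-%ld-%d", dir, (long)getpid(), i);
        int fd = create_exclusive(name);
        if (fd >= 0 || errno != EEXIST)
            return fd;              /* success, or an error other than "exists" */
    }
    return -1;
}

/* Constructed scenario: a symlink already sits at the first candidate name.
   Returns 0 when the link target was never created and the file we got is a
   regular file with mode 0600 (assumes the umask leaves owner bits alone). */
int demo(void)
{
    char dir[] = "/tmp/excl-demo-XXXXXX", target[64], planted[64], name[64];
    struct stat st;
    int rc = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(planted, sizeof planted, "%s/tmp-%ld-0", dir, (long)getpid());
    if (symlink(target, planted) != 0) return -1;
    int fd = create_temp(dir, name, sizeof name);
    if (fd < 0) return -1;
    if (access(target, F_OK) == 0) rc |= 1;             /* symlink was followed */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)
        || (st.st_mode & 0777) != 0600) rc |= 2;        /* wrong type or mode */
    close(fd); unlink(name); unlink(planted); rmdir(dir);
    return rc;
}
int main(void) { return demo(); }
```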
