On Tue, 24 Dec 2002, Poul-Henning Kamp wrote:

> Isn't there a pretty obvious race between the revoke() and the open() ? 
> Wouldn't it in fact make much more sense if revoke(2) was defined as
>       int revoke(int fd); /* kick everybody else off */
> and the code above would look like: 

There are many races here, but one race is closed by this.  The way the
login process works is that it chowns the device, then revokes the device.
If the problem being addressed is that fd's remain open even after the
chown, then revoke works fine, since once you've chowned/chmodded the
file, the original process with a normal user uid can't re-open.  That
said, revoke() has terrible properties from a VFS perspective.  I'd be
interested in learning about the approaches taken in Linux, etc, to
address the same problem.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
[EMAIL PROTECTED]      Network Associates Laboratories

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to