> Looking at http://www.openbsd.org/papers/tame-fsec2015/ > > When I first heard of "tame", I thought there would be a problem with > log files. I assume that is what the "Whitelist path feature" is being added > to try to solve. > > I wonder if a new system primitive could solve the log file problem in a > different way. > > If the primitive could remove a file under a running program giving the old > contents a new > name, and any other program that had the file open would just see it as if > truncate was called on that file. > > Such a primitive would be used by the log rollers. If log rollers did use > such a primitive > they would never need to recreate or reopen a log file.
I don't understand what program your idea is applicable to. Most programs use syslog, which side-steps this problem entirely by doing it elsewhere. Others already need to write. And no, that is not what the "Whitelist path feature" is for.
