Subject: Re: Addition to force open to open only regular files
To: Alan Barrett <apb@cequrux.com>
From: Alistair Crooks <AlistairCrooks@excite.com>
List: tech-kern
Date: 11/21/2000 03:00:27
On Tue, 21 Nov 2000 12:47:43 +0200 (SAST), Alan Barrett wrote:
> If we are thinking of new syscalls, then I think that
> open_if_stat_matches() would be more useful than open_as(). It
> would be used like this: stat(path, statbuf); check attributes in
> statbuf; open_if_stat_matches(path, statbuf, flags, mode). There
> is no race vulnerability between stat() and open_if_stat_matches()
> because the kernel would refuse to open the file if the results from
> fstat() after the open would be different from the results of stat()
> before the open. There should probably be a way of saying that
> certain fields in the stat structure (such as access time) are not
> important.
>
> Note that an open_as() library function could be implemented using
> an open_if_stat_matches() syscall.
>
> --apb (Alan Barrett)
I fully agree with you - indeed, I had the same idea, and had gone from the
stage of using an md function on the contents of a file and passing that to
the open(2), to the stage of expanding that idea to use a stat struct to
capture the info. I suspect the st_atime field would have to be ignored by
the open_if_stat_matches(2) call (:-)), and you could also zero out parts of
the stat struct that you didn't want compared, or use a separate stat
structre as a bit mask for relevant fields to check.
Regards,
Alistair
--
Alistair Crooks (agc@pkgsrc.org)
_______________________________________________________
Tired of slow Internet? Get @Home Broadband Internet
http://www.home.com/xinbox/signup.html