GNU bug report logs - #12366
[gnu-prog-discuss] Writing unwritable files

Previous Next

Package: coreutils;

Reported by: Paolo Bonzini <bonzini <at> gnu.org>

Date: Thu, 6 Sep 2012 12:14:01 UTC

Severity: normal

Done: Jim Meyering <meyering <at> hx.meyering.net>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Bob Friesenhahn <bfriesen <at> simple.dallas.tx.us>
To: Paolo Bonzini <bonzini <at> gnu.org>
Cc: 12366 <at> debbugs.gnu.org, gnu-prog-discuss <at> gnu.org
Subject: bug#12366: [gnu-prog-discuss] bug#12366:  Writing unwritable files
Date: Thu, 6 Sep 2012 13:21:31 -0500 (CDT)

On Thu, 6 Sep 2012, Paolo Bonzini wrote:
>
>> I'm not sure what is meant by "insecure" here.
>> Of course there are race conditions if other
>> processes modify a file when "shuf"
>> reads or writes it, but that's true for pretty
>> much any program that reads or writes any file,
>> including sed -i.
>
> No, unlink/rename "sed -i" replaces the file atomically.  A program that

POSIX rename assures that the destination path always exists if it 
already existed.  If unlink/ln was used, then the destination path 
would temporarily be missing.  While 'rename' is occuring, a second 
(parallel) reader/writer has no idea which version will be accessed.

Microsoft Windows and other operating systems might not support the 
POSIX sematic.

Certain filesystems (or their implementation) might not support atomic 
'rename'.

> It's mostly paranoia, but the race window _is_ there unless you use
> rename and break hard links.

Yes, you must use rename, and rename would need to work as per the 
POSIX specification.

Bob
-- 
Bob Friesenhahn
bfriesen <at> simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer,    http://www.GraphicsMagick.org/
This bug report was last modified 12 years and 232 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.