> Erik B. Andersen wrote:
> >
> > >
> > > > /* I hope this does not introduce security problems.
> > > > * Please check and give me response.
> > > > */
> > > >
> > > > However, the pipes are created with permissions 600 and with the
> > > > "current->fsuid" and "current->fsgid" ownerships.
> > >
> > > In which case we need to ensure sys_open() calls on them return -EINVAL
> > > as does sys_chown, sys_chmod, sys_fchown and anything else.
> > >
> > > > > Also what if / is read only
> > > >
> > > > AFAIK, the pipes are inserted directly into the "dcache", so the
> > > > actual read/write status of the root directory shouldn't make a
> > > > difference.
> > >
> > > Looks like that.
> > >
> >
> > Why not stick them in /proc? That is where everything else like
> > this goes.
> >
> Or just /tmp or something like /tmp/pipes ...
Or /dev, or /dev/tmp-pipes. Don't we already have drivers sticking
dynamically-created devices into /dev? Consider:

o some systems may not mount /proc at all.
o stuff in /proc is mostly status and control gunk, not "real" files.
o if you put them in /proc, people will start to argue about their
  format :-).

Mark H. Wood, Lead System Programmer MWOOD@INDYVAX.IUPUI.EDU
Those who will not learn from history are doomed to reimplement it.