Re: [PATCH] O_DIRECTORY|O_CREAT handling

From: Willy Tarreau
Date: Sun Dec 21 2003 - 05:52:32 EST


Hi Ulrich,

On Sun, Dec 21, 2003 at 01:40:39AM -0800, Ulrich Drepper wrote:
>
> Some programs create temporary directory which they afterward use as the
> working directory or changed root. I.e., we have code like this:
>
> mkdir ("/some/dirRANDOM");
> chdir ("/some/dirRANDOM");
>
> or
>
> mkdir ("/some/dirRANDOM");
> fd = open ("/some/dirRANDOM", O_DIRECTORY);
> fchdir (fd);
>
> or
>
> mkdir ("/some/dirRANDOM");
> chroot ("/some/dirRANDOM");
>
> All these pieces of code have an obvious flaw, a race. There is no
> atomic way to do what we want.

Although I agree on the race, I fail to see in what case it matters.
In my programs, I often use mkdir() to get temporary directories instead
of temporary files, just because of the atomicity of the test-and-set which
mkdir() provides. Basically, I do :

base_dir="/tmp/tmpdir";
do {
rnd=random();
sprintf(dir, "%s%d", base_dir, rnd);
} while (!mkdir(dir, 0700);
/* now I'm guaranteed that I'm the first to get this dir, */
/* and only my UID can work in it */
chdir(dir);

So the only race would be someone working with the same UID (or root) removing
the directory and replacing it with another one (or a symlink or anything)
between mkdir() and chdir(). But don't see any use or consequence to this.

> Now combine these two problems. How about making this work?
>
> fd = open ("/some/dirRANDOM", O_RDONLY|O_CREAT|O_DIRECTORY|O_EXCL, 0700);
> fchdir (fd);

It would be interesting, of course, but is it portable to other systems ? If
it is not, very few people will use it, unfortunately. But if others already
do it right, then why not include it ?

Cheers,
Willy

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/