On Fri, 10 Jun 2005, Behdad Esfahbod wrote: > On Fri, 10 Jun 2005, Patrick Lam wrote: > > > Jeremy C. Reed wrote: > > > Please make sure this doesn't have race conditions when using /tmp or > > > TMPDIR. > > > > > > Maybe use O_EXCL (with open(2)) when creating, but that may not be good > > > enough for some network-based filesystems. > > > > > > And don't use 666 for creating the file. If I overlooked or misunderstood > > > something, please let us know. > > > > I will use 600 rather than 666. Since this file is just hanging around > > anyway, it seems to be insufficient to avoid race conditions. I think > > that if I could create a checksum (e.g. CRC32) of the expected state, as > > written, and verified the checksum before read, that ought to be > > sufficient; what do you think? What do you mean by "just hanging around"? I don't know the code myself. And have not tested. Try manually making a symlink from the name of your file to be created and have it point to another existing file ... and see what your code does to it. (Imagine someone malicious making a symlink pointing to your password database and waiting for someone to run this routine as root to cause a simple denial of service.) > You better use O_EXCL anyway. Just in case two copies of fc-mmap > happen to run in parallel, or something. Jeremy C. Reed BSD News, BSD tutorials, BSD links http://www.bsdnewsletter.com/