On Sat, Feb 27, 2021 at 09:26:21PM -0500, Drew DeVault wrote:
> On Sat Feb 27, 2021 at 9:24 PM EST, Matthew Wilcox wrote:
> > Where's the problem? If mkdir succeeds in a sticky directory, others
> > can't remove or rename it. So how can an app be tricked into doing
> > something wrong?
>
> It's not a security concern, it's just about making the software
> more robust.
>
> 1. Program A creates a directory
> 2. Program A is pre-empted
> 3. Program B deletes the directory
> 4. Program A creates a file in that directory
> 5. RIP

umm ... program B deletes the directory. program A opens it in order to
use openat(). program A gets ENOENT and exits, confused. that's the
race you're removing here -- and it seems fairly insignificant to me.
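
The mkdir-then-open window discussed in this message, as an added example that is not part of the original thread or of any patch in it. The names `mkdir_open`, `program_b` and `simulate` are hypothetical, the deletion by "program B" is simulated in-process, and the bounded retry on ENOENT is just one possible way for program A to cope:

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

static int removals_left;  /* how many times the stand-in "program B" wins */
static int rounds;         /* mkdir+open rounds used by the last call */
/* Constructed stand-in for program B: deletes the freshly made directory. */
static void program_b(int parentfd, const char *name)
{
    if (removals_left > 0) {
        removals_left--;
        unlinkat(parentfd, name, AT_REMOVEDIR);
    }
}

/* Create `name` under parentfd, then open it; returns a directory fd or -1. */
int mkdir_open(int parentfd, const char *name, mode_t mode, int max_tries)
{
    for (rounds = 1; rounds <= max_tries; rounds++) {
        if (mkdirat(parentfd, name, mode) == -1)
            return -1;              /* includes EEXIST: not a directory we made */
        program_b(parentfd, name);  /* steps 2-3: A is pre-empted, B deletes */
        int fd = openat(parentfd, name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
        if (fd >= 0)
            return fd;              /* later files go through openat(fd, ...) */
        if (errno != ENOENT)
            return -1;
    }
    errno = ENOENT;                 /* lost the race on every round */
    return -1;
}

/* Constructed scenario in a fresh temp dir; returns rounds used or -errno. */
int simulate(int removals)
{
    char tmpl[] = "/tmp/mkdir-race-XXXXXX";
    if (!mkdtemp(tmpl)) return -errno;
    int parent = open(tmpl, O_RDONLY | O_DIRECTORY);
    removals_left = removals;
    int fd = mkdir_open(parent, "work", 0700, 3);
    int result = fd >= 0 ? rounds : -errno;
    if (fd >= 0) { close(fd); unlinkat(parent, "work", AT_REMOVEDIR); }
    close(parent); rmdir(tmpl);
    return result;
}

int main(void) { return simulate(1) == 2 ? 0 : 1; }
```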