Ar Mer, 2006-08-09 am 10:41 +0200, ysgrifennodd Edgar Toernig:
> If I read the code correctly, the behaviour for hung up ttys is completely
> different: read returns EOF, write returns EIO, select/poll/epoll return
> ready, close works. As rather boring but totally sane behaviour for an fd.
>
> But after revoke you get EBADF for any operation, even select or close.
Thats a detail of the proposed implementation that isn't hard to fix.
> And IMHO that's insane that a regular user may close fds in someone else's
> processes (or munmap some of its memory). I already see people trying
> to exploit bugs in system services:
I can do this already today. In fact the index.html one can be used to
crash certain products now depending on their configuration. Just do
while { true } do
cp some.html index.html
> index.html
done
with a shell that truncates on > and you'll be able to bus error them if
they mmap and are not well written.
These are not actually changes in behaviour. At any point I can shrink a
file I own and you get read -> 0, mmap access -> bus error. Write
behaviour is new but thats no different to filling the disk up or other
real write errors.
-
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
