On Tue, 5 May 2009 15:44:54 -0600, Andreas Dilger wrote: > > > or copyfile() will also have to create a tempfile, rename the > > tempfile when the copy is done and deal with all possible errors. And > > if the system crashes, who will remove the tempfile on reboot? Will the > > tempfile have a well-known name, allowing for easy DoS? Or will it be > > random, causing much fun locating it after reboot. > > Maybe I'm missing something, but why do we need a tempfile at all? > I can't imagine that people expect atomic semantics for copyfile(), > any more than they expect atomic sematics for "cp" in the face of a > crash. In the case of cowlink() a tempfile is required when breaking the link. Otherwise open() can result in the file disappearing or being truncated. Rather unexpected. If copyfile() doesn't try to be smart and does the actual copy when being called, I could certainly live with half-written files. Jörn -- "Security vulnerabilities are here to stay." -- Scott Culp, Manager of the Microsoft Security Response Center, 2001 -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
