On Thu, Sep 06, 2007, Henrik Nordstrom wrote:
> With a 2 seconds or so margin on the stat time you should not need to
> care. Also solves the double password change within the same second
> problem... but yes checking the size as well do not hurt.
>
> Patch adding a 2 seconds margin to the stat time is attached.
Yup, sounds good. But!
> if (stat(argv[1], &sb) == 0) {
> if (sb.st_mtime != change_time) {
> - read_passwd_file(argv[1]);
> - change_time = sb.st_mtime;
> + int diff = time(NULL) - sb.st_mtime;
> + if (diff > 2 || diff < 0) {
> + read_passwd_file(argv[1]);
> + change_time = sb.st_mtime;
> + }
Could you explain to me the intent of this? The 2 second time check only
kicks in if the file's already been read because the mtime has changed.
Thats just possibly reading the file twice in quick succession if its been
< 2 seconds since it last changed? I can't see how that fixes the race
condition.
I still think checking the filesize and having a whinge is the better option.
I'd also suggest checking the inode number but that definitely doesn't pick
up people truncate+writing contents and may not work in all situations/FSes..
Adrian
