EXCL without CREAT
John P. Linderman
jpl at allegra.UUCP
Sat Jan 4 08:37:31 AEST 1986
> Security is easily solved by refusing to allow locking a file unless
> the file has been successfully opened for WRITE -- there's no real
> excuse for a read-only prog to need to lock a file if the write-file
> prog successfully locks the damned thing anyway.
> --
> <std dsclm, copies upon request> Tanner Andrews, KI4PV
> uucp: ...!decvax!ucf-cs!ki4pv!tanner
I was thinking along the same lines until /dev/null came to mind. It
has to be universally writable, and you dare not allow one process to
block all the others that may want to open it, or cause the opens to
fail. Permissions alone aren't adequate to determine when it's ok to
block other processes. They look reasonable for tty lines, they
clearly aren't for /dev/null.
This isn't a trivial problem, but I'll offer a few claims that I
haven't seen disputed (yet):
1) There is a genuine need for a mechanism to grant exclusive access
to tty lines, at least among ordinary (unsuper) users.
2) flock is not such a mechanism, because processes can do opens
without doing flocks.
3) The TIOCEXCL ioctl is not such a mechanism, because it isn't
atomic.
My candidate for best solution therefore remains EXCL on the open,
with the effect left up to the driver. Tty drivers can honor it,
the /dev/null driver can't, and maybe something semi-intelligent
can be done for ordinary files based on permissions.
John P. Linderman Tender of flocks allegra!jpl
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list