Trojan Horses

Tim W Smith ts at cup.portal.com
Mon Oct 22 01:27:57 AEST 1990


<   Programmers failing to check the return value of close() in their programs
< is one of the never-ending problems we have had here at Project Athena.
< 
<   If you are working on a remote filesystem (such as NFS or AFS), your file is
< often not completely flushed to the remote filesystem until you close it. 
< Therefore, if you are (for example) close to your quota, and you do close(),
< it is quite possible that the close() will put you over your quota and
< therefore fail.

This sounds like very bad file system design.  If you are over some quota,
the write() that caused you to go over the quota should return an error.
The local system should determine your quota and remaining space and
check this on each write.

Furthermore, when the close() fails, you now have a program that knows
that some amount of previously written data is not valid.  How can
it determine how much?  Furthermore, can the program recover the data
from the system?  Or does this mean that a program should keep a copy
in memory of all data that is hard to reproduce until it closes the file?

In summary, this behaviour of a file system is not acceptable.

						Tim Smith
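
An added example, not part of the original post: one way for a program to cope with the deferred-error behaviour discussed above is to treat the data as saved only once write(), fsync() and close() have all succeeded, and to keep its own copy until then. The function name save_checked and the temporary-file naming are assumptions made for this illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not from the thread): store len bytes of buf at path.
 * Data goes to a temporary file in the same directory and is renamed into
 * place only after write(), fsync() and close() have all succeeded.
 * Returns 0 on success, -1 with errno set on failure. The caller keeps buf
 * until 0 is returned, so a late error never costs it the data. */
int save_checked(const char *path, const void *buf, size_t len)
{
    char tmp[4096];
    if (strlen(path) + 8 > sizeof tmp) {
        errno = ENAMETOOLONG;
        return -1;
    }
    snprintf(tmp, sizeof tmp, "%s.XXXXXX", path);
    int fd = mkstemp(tmp);           /* created exclusively, mode 0600 */
    if (fd < 0)
        return -1;

    const char *p = buf;
    size_t left = len;
    int saved = 0;                   /* first error seen, 0 if none */
    while (left > 0) {
        ssize_t n = write(fd, p, left);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            saved = errno;
            break;
        }
        p += n;                      /* short write: continue with the rest */
        left -= (size_t)n;
    }
    /* fsync() asks for buffered data to be committed, so an error that a
     * remote file system deferred can surface here rather than at close(). */
    if (saved == 0 && fsync(fd) < 0)
        saved = errno;
    /* close() may still report a deferred error. It is not retried: after
     * a failed close() the state of the descriptor is unspecified. */
    if (close(fd) < 0 && saved == 0)
        saved = errno;
    if (saved == 0 && rename(tmp, path) < 0)
        saved = errno;
    if (saved != 0) {
        unlink(tmp);                 /* never leave a partial file behind */
        errno = saved;
        return -1;
    }
    return 0;
}
```

On failure the previous contents of path are untouched, because only the temporary file was ever written.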



More information about the Comp.unix.internals mailing list