[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: creating backups in temporary directories

From: Davis Herring
Subject: Re: creating backups in temporary directories
Date: Mon, 10 Sep 2007 12:23:21 -0700 (PDT)
User-agent: SquirrelMail/1.4.8-6.el3.2lanl

I wrote:

>> Well, then there still is the contorted way of hard linking /tmp/foo
>> to /tmp/foo~, opening /tmp/randomfilename for write, renaming it to
>> /tmp/foo and then finishing the write operation.
> Why not just rename /tmp/foo to /tmp/foo~, then open /tmp/foo with O_EXCL?
>  If it fails, then write (again with O_EXCL) to /tmp/randomfile so that
> the user's work is on disk -somewhere-, and tell them that they have
> enemies.

This of course applies to the backup-by-copying case too: then just open
/tmp/foo~ with O_EXCL when performing the copy, with /tmp/randomfile~ and
"you have enemies" if it fails.

If /tmp/foo~ already exists, rename it first to /tmp/backupforthebackup~
rather than unlinking it; we have to get it out of the way and use O_EXCL
even if we own it in case the directory's owner is the attacker.  (We
don't want to unlink it because getting rid of the backup before we start
writing the new one is unnecessarily fragile.)


This product is sold by volume, not by mass.  If it appears too dense or
too sparse, it is because mass-energy conversion has occurred during

reply via email to

[Prev in Thread] Current Thread [Next in Thread]