[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#12366: [gnu-prog-discuss] Writing unwritable files
From: |
Paolo Bonzini |
Subject: |
bug#12366: [gnu-prog-discuss] Writing unwritable files |
Date: |
Thu, 06 Sep 2012 18:24:29 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:14.0) Gecko/20120717 Thunderbird/14.0 |
Il 06/09/2012 18:11, Paul Eggert ha scritto:
>> > I consider "shuf foo -o foo" (on a read-write file) to be insecure.
>> > Besides, it works by chance
> It's not by chance. shuf is designed to let you
> shuffle a file in-place, and is documented to work,
> by analogy with "sort -o foo foo". If we ever
> change "shuf" to use mmap, we'll make
> sure it continues to work in-place.
Yeah, I read that from Padraig. I stand corrected.
> I'm not sure what is meant by "insecure" here.
> Of course there are race conditions if other
> processes modify a file when "shuf"
> reads or writes it, but that's true for pretty
> much any program that reads or writes any file,
> including sed -i.
No, unlink/rename "sed -i" replaces the file atomically. A program that
reads the target file will never be able to observe an intermediate
result. This is not true of "shuf -o foo foo".
(In addition, the temporary file for "sed -i" is opened with 0400
permissions for the user running sed, and will not have the same
owner/group/ACL/context as the target file until just before renaming to
the destination).
It's mostly paranoia, but the race window _is_ there unless you use
rename and break hard links.
Paolo
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Paolo Bonzini, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Pádraig Brady, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Bernhard Voelker, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Jim Meyering, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Paul Eggert, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files,
Paolo Bonzini <=
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Paul Eggert, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Paolo Bonzini, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Paul Eggert, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Bob Proulx, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Paul Eggert, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Bernhard Voelker, 2012/09/06
- bug#12366: [gnu-prog-discuss] Writing unwritable files, Paul Eggert, 2012/09/06
- bug#12366: [gnu-prog-discuss] bug#12366: Writing unwritable files, John Darrington, 2012/09/06
- bug#12366: [gnu-prog-discuss] bug#12366: Writing unwritable files, Paolo Bonzini, 2012/09/07
- bug#12366: [gnu-prog-discuss] bug#12366: Writing unwritable files, Paul Eggert, 2012/09/07