Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: O_EXCL (was: How about MODDIR being configure'able?)

X-seq: zsh-workers 16061
From: Wayne Davison <wayned@xxxxxxxxxxxxxxxxxxxxx>
To: Clint Adams <clint@xxxxxxx>
Subject: Re: O_EXCL (was: How about MODDIR being configure'able?)
Date: Mon, 15 Oct 2001 20:42:50 -0700 (PDT)
Cc: zsh-workers@xxxxxxxxxx
In-reply-to: <20011015134107.A17772@xxxxxxxx>
Mailing-list: contact zsh-workers-help@xxxxxxxxxx; run by ezmlm

On Mon, 15 Oct 2001, Clint Adams wrote:
> Hmm.. shouldn't that be O_CREAT|O_EXCL, which we're not doing in
> all cases?

You are right that O_EXCL (when combined with O_CREAT) is the vital
part of the incantation when creating new temp files, but it is not an
error that some of our open() calls that include O_CREAT do not use
O_EXCL.  For instance, the calls that write out the history file need
to succeed even if the file already exists, but they also want to
succeed when the file doesn't exist.  This is not a security problem
since (sane) people put their history file into their home dir (or
another non-world-writable dir) which is not vulnerable to the "rogue
symlink" exploit.  The code that creates a file based on the return of
mktemp() is all using O_EXCL, so we're OK.

..wayne..

Follow-Ups:
- Re: O_EXCL (was: How about MODDIR being configure'able?)
  - From: Clint Adams

References:
- Re: How about MODDIR being configure'able?
  - From: Clint Adams

Messages sorted by: Reverse Date, Date, Thread, Author