Date: Tue, 24 Dec 2002 09:11:14 -0500 (EST) From: Robert Watson <rwatson@freebsd.org> To: Poul-Henning Kamp <phk@freebsd.org> Cc: current@freebsd.org Subject: Re: revoke(2) redux... Message-ID: <Pine.NEB.3.96L.1021224090817.41283C-100000@fledge.watson.org> In-Reply-To: <30917.1040730025@critter.freebsd.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 24 Dec 2002, Poul-Henning Kamp wrote: > Isn't there a pretty obvious race between the revoke() and the open() ? > > Wouldn't it in fact make much more sense if revoke(2) was defined as > > int revoke(int fd); /* kick everybody else off */ > > and the code above would look like: There are many races here, but one race is closed by this. The way the login process works is that it chowns the device, then revokes the device. If the problem being addressed is that fd's remain open even after the chown, then revoke works fine, since once you've chowned/chmodded the file, the original process with a normal user uid can't re-open. That said, revoke() has terrible properties from a VFS perspective. I'd be interested in learning about the approaches taken in Linux, etc, to address the same problem. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1021224090817.41283C-100000>