[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-trivial] [PATCH] block: Don't forget to delete temporary file
|
From: |
Eric Blake |
|
Subject: |
Re: [Qemu-trivial] [PATCH] block: Don't forget to delete temporary file |
|
Date: |
Wed, 05 Sep 2012 10:28:14 -0600 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120828 Thunderbird/15.0 |
On 09/05/2012 10:23 AM, Paolo Bonzini wrote:
> And finally, the whole get_tmp_filename is unsafe because there is a
> race window between closing and reopening the file, if the directory is
> writable and does not have the sticky bit.
>
> So the patch is an improvement, but there is still something unpleasing
> in this code...
I absolutely agree that there is a nasty race here. If you aren't going
to use the fd, then mktemp() is sufficient (and just as racy, but then
you are at least honest that you don't care about the race); in all
other situations, if you want a temporary file name but want to avoid a
race, then it feels like you should be returning the fd from mkstemp()
still open (or at a bare minimum, auditing ALL callers to make sure they
only use the temporary name with O_CREAT|O_EXCL, and that they retry in
a loop in case they lose the race, at which point they are reinventing
the loop already done on their behalf by mkstemp()...).
--
Eric Blake address@hidden +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
Re: [Qemu-trivial] [Qemu-devel] [PATCH] block: Don't forget to delete temporary file, Kevin Wolf, 2012/09/11