Bugtraq mailing list archives
Re: request-route
From: jmm () ELEGANT COM (John Macdonald)
Date: Tue, 29 Jul 1997 17:19:26 -0400
Eric Bennett wrote : || On Tue, 29 Jul 1997, Zoltan Hidvegi wrote: || || > As far as I know, there is no portable way to safely create || > lock files in a world-writable directory from a bourne-shell script. || || I have done this by creating directories instead of files: only one mkdir || will complete. You can also create a pid-specific file and then ln it to the || common lockfile - only one ln will complete (without the -f flag). || || I'm not sure if ln is save over NFS, but I beleive that mkdir is. Nope, you;ve got it backwards. To begin, the same basic problem applies to both. If an operation succeeds, but the acknowledgement gets lost on the network, then the time-out cause a retry which will fail because the target item exists. So, even the user that created the lock doesn't know that *their* operation succeeded. With "mkdir", that is fatal - there is no way to look at a directory and tell which program created it (well maybe you could manage to have every process use a different group). With "ln", it is not. As long as each process uses their own private file with distinguishable contents (like its process id), then if the link succeeds the created lock file will contain the creator's process id - *even* if NFS gets confused and says that the operation failed. So, as long as you ignore the status of the "ln" attempt, but instead read the lock file and compare with the process id you tried to register, you can safely determine whether you created a lock file. Stateless protocols have a definite downside. -- Perl's grammar can not be reduced to BNF. The work of | John Macdonald parsing perl is distributed between yacc, the lexer, | jmm () elegant com smoke and mirrors. - Chaim Frenkel |
Current thread:
- Re: CPSR 7: IRIX WWW Server, (continued)
- Re: CPSR 7: IRIX WWW Server Aaron Bornstein (Jul 24)
- Security hole in mgetty+sendfax Gert Doering (Jul 24)
- BIND Nuking Aveek Datta (Jul 24)
- Re: BIND Nuking Thomas H. Ptacek (Jul 29)
- ANNOUNCE: inn-1.5.1sec (fwd) Christopher Samuel (Jul 30)
- Re: Security hole in mgetty+sendfax Gert Doering (Jul 25)
- BIND Nuking Nicolas Dubee (Jul 25)
- Re: your mail Ariel Biener (Jul 25)
- Re: request-route Zoltan Hidvegi (Jul 28)
- Re: request-route Eric Bennett (Jul 29)
- Re: request-route John Macdonald (Jul 29)
- Re: request-route Kragen Sitaker (Jul 30)
- Re: request-route John Macdonald (Jul 31)
- perl fingerd stupidity Chris Terry (Jul 31)
- HP Security Bulletins Digest Aleph One (Jul 31)
- BIND Nuking Aveek Datta (Jul 24)
- Re: request-route Mihai SANDU (Jul 26)
- Netspace Singapore Privacy Bug Aleph One (Jul 26)
- Re: your mail Alan Cox (Jul 27)
- Re: Solaris2.5.1 dtlogin core Andrew Hobgood (Jul 24)