Re: [leafnode-list] lockfile_exists disaster, analysis of 1.9.19 and

[krasel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx (Cornelius Krasel)]

Matthias Andree wrote:

> krasel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx (Cornelius Krasel) writes:
> 
> > Here is what I believe to be a fix. Patch your version of 1.9.19 with it:
> 
> Unsafe.

Why?

> 1/ may fail when locking actually succeeds.

I suppose you refer to the following sentence of the open(2)
manpage which I do not immediately understand:

               The  solution  for  performing
               atomic file locking using a lockfile is to  create
               a  unique file on the same fs (e.g., incorporating
               hostname and pid), use link(2) to make a  link  to
               the  lockfile.  If  link()  returns 0, the lock is
               successful.  Otherwise, use stat(2) on the  unique
               file  to  check if its link count has increased to
               2, in which case the lock is also successful.

Why should link() fail in the first place?

> 2/ doesn't detect permission errors.

Permission is IMO rather irrelevant if the lockfile is opened in a
directory which is only readable by user news.

> I'm now going to have a drink with my girl-friend,

Enjoy :-)

--Cornelius.

-- 
/* Cornelius Krasel, U Wuerzburg, Dept. of Pharmacology, Versbacher Str. 9 */
/* D-97078 Wuerzburg, Germany   email: krasel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx */
/* "Science is the game we play with God to find out what His rules are."  */

-- 
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list