basic C question

Anthony de Boer adb-tlug-AbAJl/g/NLXk1uMJSBkQmQ at public.gmane.org
Tue Jul 13 02:09:20 UTC 2004


Taavi Burns wrote:
> On Mon, Jul 12, 2004 at 03:54:28PM -0400, fcsoft-3Emkkp+1Olsmp8TqCH86vg at public.gmane.org wrote:
> > Here is some code which uses a standard file which illustrates quite simply
> > that write() will not fail when the inode is removed after a successful
> > open().
>
>  ...  I've heard of this being done for programs which want some
> limited modicum of security (the file still hits disk, but at least you
> can't access it via filesystem calls after it's been unlinked,

More classically it gets done for temporary files; you create a new file,
open read-write, and immediately unlink() it.  You can continue using
that file descriptor for the remainder of your program, and you're
guaranteed (modulo strange crash modes) that the temporary space goes
away when you exit.  This saves having to try to trap all signals and
exits points and try to clean up at each and every one, even while still
having to concede that SIGKILL keeps you from cleaning up in that case. 
The only real window of leaving the file laying around is right after
creating it, while it's still empty.

Granted, nowadays a programmer is more likely to just declare or malloc
a huge array, and do it all in virtual memory.

-- 
Anthony de Boer
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list