Re: Idea: flink() and anon_open()

Malcolm Beattie (mbeattie@sable.ox.ac.uk)
Mon, 9 Mar 1998 12:26:39 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Steven N. Hirsch: "Re: 2.1.89 doesn't compile"
Previous message: Martin Mares: "Re: [PATCH] Cyrix setup"
In reply to: Albert D. Cahalan: "Re: Idea: flink() and anon_open()"
Next in thread: urbani: "Re: Idea: flink() and anon_open()"

Albert D. Cahalan writes:
>
> > I'd like to suggest two new system calls. They are logical extensions
> > of the existing filesystem features, and they make it possible to do
> > all sorts of interesting things. I particularly want them because I'm
> > writing a program that will be used to install system-critical files
> > (libc), and there are some race conditions that they would eliminate.
> >
> > First is flink(fd, path). This is exactly like link() except that it
> > takes a file descriptor instead of an existing pathname. This allows
> > you to reattach a file that's been deleted but still open, or name a
> > file whose descriptor was passed to you.
>
> I think flink() is good.

SysV calls this fattach() where fd is a STREAMS file descriptor
(usually a STREAMS pipe). For general file descriptors, it has
security implications. For example, you mustn't let it be legal
for a process to get a read-only file descriptor and then link
it into the file system because then it could change the file's
permissions to read-write.

--Malcolm

-- Malcolm Beattie <mbeattie@sable.ox.ac.uk> Unix Systems Programmer Oxford University Computing Services

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu

Next message: Steven N. Hirsch: "Re: 2.1.89 doesn't compile"
Previous message: Martin Mares: "Re: [PATCH] Cyrix setup"
In reply to: Albert D. Cahalan: "Re: Idea: flink() and anon_open()"
Next in thread: urbani: "Re: Idea: flink() and anon_open()"