[2744] in bugtraq
Re: Publically writable directories
daemon@ATHENA.MIT.EDU (Jim Hutchins)
Thu Jun 20 01:21:03 1996
Date: Wed, 19 Jun 1996 11:46:33 -0700
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Jim Hutchins <jim@california.sandia.gov>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
Bill Pemberton wrote:
>
> Jim Hutchins writes:
> >
> > After thinking about this and watching some of the replies, I believe
> > the absolute answer is no, you cannot avoid a race condition on all
> > platforms. open(2) will follow a symbolic link on the platforms I
> > tried, with or without O_EXCL. Depending on what you are trying to
> > do, a couple possible solutions are:
> >
>
> Which platforms were that? For the elm bug I tested the code on a bunch of
> platforms and it did not follow the symlink. The platforms I personally
> tested it on included AIX 3, AIX 4, Solaris 2, SunOS 4, IRIX 4, IRIX 5. The
> other elm folks have tried on many other operating systems.
>
> I've assumed that there were some systems out there that didn't behave
> correctly, but it appears to be rare.
I should have tested more then two machines for a statistical sample,
especially two from different vendors. The machine on my desk (IRIX
4.0.5F) and another I had a window open to (IRIX 4.0.1) both follow
symlinks on open with a O_EXCL. I just tested a few other systems
(IRIX 5.3, SunOS 4.1.2 and 4.1.3_U1, Ultrix 4.1, 4.2 and 4.3A, and DEC
OSF/1 2.1 and 3.2) and they all failed with a "file exists" error.
So for most platforms, it looks like doing an open with O_EXCL is safe,
though I believe my original statement is still true - "the absolute
answer is no, you cannot avoid a race condition on ALL platforms."
Jim Hutchins
Sandia National Labs, California
----------------------------------------------------------------
James A. Hutchins Phone: 1-510-294-2416
Sandia National Laboratories FAX: 1-510-294-1225
P.O. Box 969, MS9011 EMail: jim@ca.sandia.gov
Livermore, CA 94551-0969
