From owner-freebsd-security Thu Jul 18 11:16: 1 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F07FA37B400 for ; Thu, 18 Jul 2002 11:15:58 -0700 (PDT) Received: from ns1.pu.net (ns1.pu.net [216.87.139.234]) by mx1.FreeBSD.org (Postfix) with ESMTP id 637FE43E58 for ; Thu, 18 Jul 2002 11:15:58 -0700 (PDT) (envelope-from bugs@ns1.pu.net) Received: (from bugs@localhost) by ns1.pu.net (8.12.5/8.11.6) id g6IIFqBs011069 for freebsd-security@freebsd.org; Thu, 18 Jul 2002 13:15:52 -0500 (CDT) (envelope-from bugs) From: Mark Hittinger Message-Id: <200207181815.g6IIFqBs011069@ns1.pu.net> Subject: today's bugtraq flock issue To: freebsd-security@freebsd.org Date: Thu, 18 Jul 2002 13:15:52 -0500 (CDT) X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Just saw the flock issue on bugtraq. This probably needs some discussion. Should file locking only be permitted on files that are either owned by the caller or are writeable to the caller? What will break if software can't lock files that aren't writeable or belong to someone else? The only problem I can see is performance. I don't think we want to have more overhead during each lock call as this will hurt database speed. Could we have the kernel decide on "lockability" during the open call and keep track of that state? Subsequent lock calls on that fd would then be permitted or denied based on "lockability". Later Mark Hittinger bugs@pu.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message