Date: Tue, 24 Dec 2002 15:52:05 +0100 From: phk@FreeBSD.ORG To: Garrett Wollman <wollman@lcs.mit.edu> Cc: current@FreeBSD.ORG Subject: Re: revoke(2) redux... Message-ID: <1866.1040741525@critter.freebsd.dk> In-Reply-To: Your message of "Tue, 24 Dec 2002 09:42:46 EST." <200212241442.gBOEgkU5034854@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <200212241442.gBOEgkU5034854@khavrinen.lcs.mit.edu>, Garrett Wollman
writes:
><<On Tue, 24 Dec 2002 12:40:25 +0100, Poul-Henning Kamp <phk@FreeBSD.ORG> said:
>
>> Isn't there a pretty obvious race between the revoke() and the open() ?
>
>To the extent that the race matters, it is obviated by making sure
>that only the current user has permission to open the device. If the
>user somehow manages to open a device that he owns anyway, it's his
>problem if doing so screws it up.
>
>revoke() was a POSIX invention; it replaces the older vhangup().
But I can't find mention of it in SUS ?
>AIX has an extension such as you suggest (they call it frevoke()).
I think we should implement that in the kernel instead of revoke(2)
because it is actually a lot simpler to implement correctly.
We can then provide revoke(2) as a wrapper:
revoke(const char *name)
{
int fd, e;
fd = open(name, O_RDONLY);
if (fd < 0)
return (fd);
e = frevoke(fd);
close(fd);
return (e);
}
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1866.1040741525>