From owner-freebsd-current  Tue Dec 24  8:25:49 2002
Delivered-To: freebsd-current@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 931)
	id 1FC1837B401; Tue, 24 Dec 2002 08:25:48 -0800 (PST)
Date: Tue, 24 Dec 2002 08:25:48 -0800
From: Juli Mallett <jmallett@FreeBSD.org>
To: phk@freebsd.org
Cc: "Paul A. Scott" <pscott@skycoast.us>, current@freebsd.org
Subject: Re: revoke(2) redux...
Message-ID: <20021224082548.A27172@FreeBSD.org>
References: <BA2DAFDF.17D6B%pscott@skycoast.us> <1731.1040741036@critter.freebsd.dk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5.1i
In-Reply-To: <1731.1040741036@critter.freebsd.dk>; from phk@freebsd.org on Tue, Dec 24, 2002 at 03:43:56PM +0100
Organisation: The FreeBSD Project <http://FreeBSD.org>
X-Alternate-Addresses: <jmallett@NewGold.NET>, <jmallett@xMach.org>, <juli@jerkcity.com>, <flata@toxic.magnesium.net>, <jmallett@OpenDarwin.org>
X-Towel: Yes
X-LiveJournal: flata, jmallett
X-Negacore: Yes
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-current.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-current>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-current>
X-Loop: FreeBSD.ORG

* De: phk@freebsd.org [ Data: 2002-12-24 ]
	[ Subjecte: Re: revoke(2) redux... ]
> revoke is used in most "login daemons", telnetd, getty and elsewhere.
> 
> There is no way you can close the race between:
> 
> 	revoke("/dev/ttyfoo");
> and
> 	open("/dev/ttyfoo");
> 
> Not even in init(8).  There is always the risk that another process
> opens the device between the two.

Don't the chmod hacks performed on TTYs to essentially go from "this is
free" to "this is mine" close that race more or less?  I understand from
watching xpty discussion that if a tty matches certain mode/... requirements
then one should try to chown it and chmod it appropriately to themselves,
and if that fails, go back to looking for one (aquiring a lock on the tty
essentially) then do a revoke on it, because it's now really ours, and then
go on to open it...  Kicking people off only once the open works is an
interesting idea (wrt frevoke), but by then we've already trashed the perms...
I'm not sure whether there's a meaningful race in that (though of course
there are lots of races in that, especially if not appropriately coded)
and how much of a bad window exists wrt revoke/frevoke, and whether it is
really solved by fvrevoke.

juli.
-- 
Juli Mallett <jmallett@FreeBSD.org>
OpenDarwin, Mono, FreeBSD Developer.
ircd-hybrid Developer, EFnet addict.
FreeBSD on MIPS-Anything on FreeBSD.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message