Date: Sun, 10 Dec 2000 14:26:05 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/etc crontab Message-ID: <Pine.NEB.3.96L.1001210142216.24257C-100000@fledge.watson.org> In-Reply-To: <200012101856.NAA30441@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 10 Dec 2000, Garrett Wollman wrote: > <<On Sat, 9 Dec 2000 22:42:41 -0500 (EST), Robert Watson <rwatson@FreeBSD.org> said: > > > usual file locking problem: since they're advisory, they're inter-user and > > enforced for root (!). > > This is a Good Thing. A locking mechanism which did not work for root > would be practically useless. (Cf. the POSIX semantics for setuid(), > and why we don't implement them.) I understand the rationale for root obeying advisory locking; root has the option not to obey if it chooses. The unfortunate part is the interference aspect between users based on liberal file permissions. > > As such, any random process running as any random user can acquire > > the lock and stack up all your periodic scripts, > > If and only if they are allowed to open the file in the first place. This is correct. However, this does not apply to the periodic binary, directories, or most base system files, unfortunately. Maybe we need a /var/run/locks with appropriate turnstile files with appropriate modes set. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1001210142216.24257C-100000>