Date: Sun, 15 Aug 2004 14:36:51 -0700 (PDT)
From: Matthew Dillon <dillon@apollo.backplane.com>
To: Tim Kientzle <kientzle@freebsd.org>
Cc: Kris Kennaway <kris@obsecurity.org>
Subject: Re: bsdtar's security restrictions (was Re: Spurious EACCES errors from apache)
Message-ID: <200408152136.i7FLapSg024733@apollo.backplane.com>
References: <20040813235434.GA75875@xor.obsecurity.org> <411FCCCC.8040508@freebsd.org>

:> This is bad when some of those directories
:> already exist, because other processes trying to access files in the
:> directory hierarchy may lose the race and fail.
:
:<scratching head> I don't think I understand what
:exactly you're trying to do.
:
:You are extracting archives over an existing directory
:that is currently being served by an Apache process in
:order to refresh some (presumably) small number of files?
:
:Give me some more details about your situation and I'll
:see what I can come up with.
:
:Tim

    Using tar for that sort of thing is a bad idea anyway, since tar
    (and bsdtar) do not use the create-temporary/write/rename trick to
    atomically replace files. This means that a live server like a web
    server could easily 'catch' files in the middle of being written,
    leading to odd errors.

    A far better way to handle updates is to extract to a temporary
    directory and then use something like 'cpdup -o'
    (/usr/ports/sysutils/cpdup), which does properly use the rename trick,
    to update the live master. Or, alternatively, NFS mount the master and
    use cpdup to update each slave (being sure to synchronize against the
    master so you don't catch the master in the middle of an update).

    -Matt
    Matthew Dillon <dillon@backplane.com>
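
The create-temporary/write/rename trick described in the message above, as an added example that is not part of the original e-mail and is not cpdup's code. The function names `atomic_install` and `publish_tree` and the `.tmp.XXXXXX` naming are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: publish a staged tree (e.g. the directory an archive was
# extracted into) over a live directory without ever exposing a half-written
# file. Each file is copied to a temporary name in the destination directory
# and then renamed over the target; rename(2) within one directory is atomic,
# so a reader sees either the complete old file or the complete new one.
# Limitations: files missing from staging are not deleted from the live tree,
# and file names containing newlines are not supported.

# atomic_install SRC DST
atomic_install() {
    src=$1
    dst=$2
    dstdir=$(dirname "$dst")
    mkdir -p "$dstdir" || return 1
    # The temp file must live on the same filesystem as DST, so create it
    # in DST's own directory rather than in /tmp.
    tmp=$(mktemp "$dstdir/.tmp.XXXXXX") || return 1
    # cp -p also replaces mktemp's 0600 mode with the source file's mode,
    # so the published file stays readable by the server.
    if cp -p "$src" "$tmp" && mv -f "$tmp" "$dst"; then
        return 0
    fi
    rm -f "$tmp"    # never leave a partial temp file behind
    return 1
}

# publish_tree STAGING LIVE
publish_tree() {
    staging=$1
    live=$2
    ( cd "$staging" && find . -type f ) | while IFS= read -r rel; do
        atomic_install "$staging/$rel" "$live/$rel" || exit 1
    done
}

# Stand-alone use: sh publish.sh STAGING_DIR LIVE_DIR
if [ "$#" -eq 2 ]; then
    publish_tree "$1" "$2"
fi
```

Each file is replaced atomically, but the tree as a whole is not: a reader can still see a mix of old and new files while the update is running.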