Re: [RFC/PATCH] revoke/frevoke system calls V2
- From: Chase Venters <chase.venters@xxxxxxxxxxxx>
- Date: Mon, 7 Aug 2006 17:24:08 -0500 (CDT)
On Mon, 7 Aug 2006, Edgar Toernig wrote:
Your implementation is much cruder - it simply takes the fd
away from the app; any future use gives EBADF. As a bonus,
it works for regular files and even goes as far as destroying
all mappings of the file from all processes (even root processes).
IMVHO this is a disaster from a security and reliability point
of view.
I can see the value in these system calls, but I agree that the implementation is crude. "EBADF" is not something that applications are taught to expect. Someone correct me if I'm wrong, but I can think of no situation under which a file descriptor currently gets yanked out from under your feet -- you should always have to formally abandon it with close().
This kind of thing only looks proper if it leaves the file descriptor in place and just returns errors / EOF when you attempt to access it.
Thanks,
Chase
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- Follow-Ups:
- Re: [RFC/PATCH] revoke/frevoke system calls V2
- From: Alan Cox
- Re: [RFC/PATCH] revoke/frevoke system calls V2
- References:
- Re: [RFC/PATCH] revoke/frevoke system calls V2
- From: Pavel Machek
- Re: [RFC/PATCH] revoke/frevoke system calls V2
- From: Edgar Toernig
- Re: [RFC/PATCH] revoke/frevoke system calls V2
- From: Pekka Enberg
- Re: [RFC/PATCH] revoke/frevoke system calls V2
- From: Edgar Toernig
- Re: [RFC/PATCH] revoke/frevoke system calls V2
- Prev by Date: Re: arm + sh cross compile suite for amd64 (i386)?
- Next by Date: Re: [PATCH] x86_64: Make NR_IRQS configurable in Kconfig
- Previous by thread: Re: [RFC/PATCH] revoke/frevoke system calls V2
- Next by thread: Re: [RFC/PATCH] revoke/frevoke system calls V2
- Index(es):
Relevant Pages
|
