httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@worldgate.com>
Subject Re: [PATCH] Make FLOCK mutex work PR#1056
Date Wed, 05 Nov 1997 04:39:31 GMT
On Tue, 4 Nov 1997, Dean Gaudet wrote:

> 
> 
> On Tue, 4 Nov 1997, Jim Jagielski wrote:
> 
> > -    lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY | O_EXCL, 0644);
> > +    lock_fd = popenf(p, lock_fname, O_CREAT | O_WRONLY, 0600);
> 
> Make the parent do an O_CREAT to create the file, and remove O_CREAT from
> the children ... to make the window in which an attacker can stuff a
> symlink in the way smaller... also helps make sure we notice if some dolt
> removes the lock file (the children would all exit, the server would chew
> lots of cpu spawning new children :).  It looks fine either way though. 

The parent should also have a O_EXCL.


Mime
View raw message