open(2) and O_NOATIME
jilles at stack.nl
Fri Oct 31 08:51:20 PDT 2008
On Fri, Oct 31, 2008 at 02:48:42PM +0100, Paul Schenkeveld wrote:
> utimes(2) allows non-root users to (re)set atime provided they own the
> file or have write permission. Having O_NOATIME follow the same rules
> would not break any assumed security any further than utimes(2) already
> does but greatfully benefit all kind of backup programs.
This is not entirely correct. utimes(2) with NULL timestamps (reset
atime and mtime to current time) is allowed to root, owner or with write
permission, but utimes(2) with given timestamps is only allowed to root
and owner. O_NOATIME seems equivalent to the latter, and in fact this is
the case in Linux (if someone else than root or the owner tries to open
a file with O_NOATIME, they get EPERM).
There's only a small detail missing: any utimes(2) call updates the
ctime, so you can see "something" happened to the file. Linux's
O_NOATIME does not update any times at all (this speeds up things).
Anyway, O_NOATIME (only for root/owner) seems a useful feature.
More information about the freebsd-hackers