bsdtar's security restrictions (was Re: Spurious EACCES errors from apache)
Matthew Dillon
dillon at apollo.backplane.com
Sun Aug 15 14:36:52 PDT 2004
:> This is bad when some of those directories
:> already exist, because other processes trying to access files in the
:> directory hierarchy may lose the race and fail.
:
:<scratching head> I don't think I understand what
:exactly you're trying to do.
:
:You are extracting archives over an existing directory
:that is currently being served by an Apache process in
:order to refresh some (presumably) small number of files?
:
:Give me some more details about your situation and I'll
:see what I can come up with.
:
:Tim

Using tar for that sort of thing is a bad idea anyway, since tar (and
bsdtar) do not use the create-temporary/write/rename trick to atomically
replace files. This means that a live server like a web server could
easily 'catch' files in the middle of being written, leading to odd
errors.

A far better way to handle updates is to extract to a temporary directory
and then use something like 'cpdup -o' (/usr/ports/sysutils/cpdup),
which does properly use the rename trick, to update the live master.
Or, alternatively, NFS mount the master and use cpdup to update each
slave (being sure to synchronize against the master so you don't catch
the master in the middle of an update).

-Matt
Matthew Dillon
<dillon at backplane.com>
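The create-temporary/write/rename trick mentioned in the message above, as an added example that is not part of the original post and is not taken from cpdup or bsdtar. The function name `atomic_replace` and the `.XXXXXX` temporary suffix are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* mkstemp, fchmod, fsync */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Replace `path` with `len` bytes of `data` so that a concurrent reader
 * sees either the complete old file or the complete new one, never a
 * partial write. Returns 0 on success, -1 on failure (temp file removed). */
int atomic_replace(const char *path, const void *data, size_t len, mode_t mode)
{
    char tmp[4096];
    /* Temp file sits next to the target: rename(2) is only atomic within
     * one filesystem. */
    if (snprintf(tmp, sizeof tmp, "%s.XXXXXX", path) >= (int)sizeof tmp)
        return -1;
    int fd = mkstemp(tmp);            /* created exclusively, mode 0600 */
    if (fd < 0)
        return -1;

    const char *p = data;
    size_t left = len;
    while (left > 0) {                /* cope with short writes */
        ssize_t n = write(fd, p, left);
        if (n < 0)
            goto fail;
        p += n;
        left -= (size_t)n;
    }
    /* Final permissions and data reach disk before the name is switched. */
    if (fchmod(fd, mode) < 0 || fsync(fd) < 0)
        goto fail;
    int rc = close(fd);
    fd = -1;
    if (rc < 0 || rename(tmp, path) < 0)
        goto fail;
    return 0;
fail:
    if (fd >= 0)
        close(fd);
    unlink(tmp);
    return -1;
}
```

A process that already had the old file open keeps reading the old contents in full; only opens that happen after the rename see the new file.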