Using shell commands versus C equivalents
youshi10 at u.washington.edu
youshi10 at u.washington.edu
Wed Jun 13 17:23:37 UTC 2007
On Wed, 13 Jun 2007, Joerg Sonnenberger wrote:
> On Wed, Jun 13, 2007 at 11:15:52AM -0500, Rick C. Petty wrote:
>> Another improvement made by using stat(2)/chmod(2) over chmod(1) using
>> system(3) variants is the protection against malicious filenames. The
>> original code should have used fork/execv instead anyway.
>
> To be precise, this case should use open/fstat/fchmod to avoid another
> bunch of race conditions.
>
> Joerg
Should I briefly lock (flock) the file when running open/fstat/fchmod then to avoid issues? This may become a problem as pkg_*/make becomes more parallelized (another student's goals for his SoC project).
Needless to say, pkg_* is by no means threadsafe in its current form though. It uses some global vars that are currently not mutex locked, and this type of file access is another issue (I wonder if spinlocking or sleeping waiting for flock to finish would be better in this case).
-Garrett
More information about the freebsd-hackers
mailing list