2002-02-15 16:25:11

by Lorenzo Allegrucci

[permalink] [raw]
Subject: Redundant syscalls?


I was wondering why do we need fsetxattr(2), fgetxattr(2) etc when we
already have setxattr(2), getxattr(2) etc working on file names
instead of file descriptors.
truncate(2)/ftruncate(2) is another more traditional example.

Thanks


2002-02-15 17:01:11

by Doug McNaught

[permalink] [raw]
Subject: Re: Redundant syscalls?

Lorenzo Allegrucci <[email protected]> writes:

> I was wondering why do we need fsetxattr(2), fgetxattr(2) etc when we
> already have setxattr(2), getxattr(2) etc working on file names
> instead of file descriptors.
> truncate(2)/ftruncate(2) is another more traditional example.

Because you can't reliably derive a file name from an open file
descriptor, so it's useful to have a way to act on the file directly
through the descriptor.

-Doug
--
Let us cross over the river, and rest under the shade of the trees.
--T. J. Jackson, 1863

2002-02-15 17:49:46

by Andi Kleen

[permalink] [raw]
Subject: Re: Redundant syscalls?

Lorenzo Allegrucci <[email protected]> writes:

> I was wondering why do we need fsetxattr(2), fgetxattr(2) etc when we
> already have setxattr(2), getxattr(2) etc working on file names
> instead of file descriptors.
> truncate(2)/ftruncate(2) is another more traditional example.

The f* variant can be race free. For example you want to stat something
first to make sure it is what you expect it to be and not a symlink
to your /etc/passwd. When you use first stat() and then do random
operation on filename with name there is a small window where someone
could replace the name with something else. This could be security relevant.
fd = open(name, ...); fstat(fd, ..); check fsomething(fd, ...); close(fd);
guarantees that you're always working on the same object without any race
windows.

-Andi

2002-02-15 18:18:28

by Jesse Pollard

[permalink] [raw]
Subject: Re: Redundant syscalls?

--------- Received message begins Here ---------

>
>
> I was wondering why do we need fsetxattr(2), fgetxattr(2) etc when we
> already have setxattr(2), getxattr(2) etc working on file names
> instead of file descriptors.
> truncate(2)/ftruncate(2) is another more traditional example.

Atomic actions.

Consider the case of a file that doesn't exist yet. first you
open it, then perform the fsetxattr. If you use the name, then it becomes
possible to rename the file and substitute a different one before the
setxattr. Now, the open file will be missing the attribute(s).
-------------------------------------------------------------------------
Jesse I Pollard, II
Email: [email protected]

Any opinions expressed are solely my own.