Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Fri, 15 Feb 2002 12:49:46 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Fri, 15 Feb 2002 12:49:39 -0500 Received: from ns.suse.de ([213.95.15.193]:38927 "HELO Cantor.suse.de") by vger.kernel.org with SMTP id ; Fri, 15 Feb 2002 12:49:25 -0500 To: Lorenzo Allegrucci Cc: linux-kernel@vger.kernel.org Subject: Re: Redundant syscalls? In-Reply-To: <02021517152700.01701@odyssey.suse.lists.linux.kernel> From: Andi Kleen Date: 15 Feb 2002 18:47:48 +0100 In-Reply-To: Lorenzo Allegrucci's message of "15 Feb 2002 17:31:49 +0100" Message-ID: Lines: 17 X-Mailer: Gnus v5.7/Emacs 20.6 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Lorenzo Allegrucci writes: > I was wondering why do we need fsetxattr(2), fgetxattr(2) etc when we > already have setxattr(2), getxattr(2) etc working on file names > instead of file descriptors. > truncate(2)/ftruncate(2) is another more traditional example. The f* variant can be race free. For example you want to stat something first to make sure it is what you expect it to be and not a symlink to your /etc/passwd. When you use first stat() and then do random operation on filename with name there is a small window where someone could replace the name with something else. This could be security relevant. fd = open(name, ...); fstat(fd, ..); check fsomething(fd, ...); close(fd); guarantees that you're always working on the same object without any race windows. -Andi - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/