[GRASS5] Unix Sockets directory change...
Glynn Clements
glynn.clements at virgin.net
Tue Oct 9 09:03:36 EDT 2001
Bernhard Reiter wrote:
> > I modified the unix socket routines to always use /tmp/grass-$USER/
> > as the directory. This should overcome some problems with NFS
> > mounts. Hopefully this works okay for everyone.
>
> Not having thought about this deeply:
> Is there a chance of a race tmp condition which makes it
> possible to gain files with the user's permission?
I'm fairly sure that it's safe.
The code first does an lstat() on /tmp/grass-<username> [1]
If it fails, the directory is created with mkdir(), which will fail
with EEXIST if the pathname already exists.
If it succeeds, the code ensures that the target is a directory
(according to the lstat() call), then sets the permissions with
chmod(), which will fail if the user doesn't own the directory (and
isn't root).
It's much easier to create directories safely than to create files.
[1] and not /tmp/grass-$USER; the username comes from G_whoami(),
which uses getpwuid(getuid())->pw_name, not getenv("USER").
BTW, G_whoami() should just fail if getpwuid(getuid()) returns NULL,
by returning NULL, calling G_fatal_error(), segfaulting or whatever.
It certainly shouldn't return a valid pointer.
--
Glynn Clements <glynn.clements at virgin.net>
More information about the grass-dev
mailing list