| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Mar 2007 08:53:31 +0100 From: Bodo Eggert <7eggert@....de> To: "Michael K. Edwards" <medwards.linux@...il.com>, Eric Dumazet <dada1@...mosbay.com>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org> Subject: Re: sys_write() racy for multi-threaded append? Michael K. Edwards <medwards.linux@...il.com> wrote: > On 3/8/07, Eric Dumazet <dada1@...mosbay.com> wrote: >> Absolutely not. We dont want to slow down kernel 'just in case a fool might >> want to do crazy things' > > Actually, I think it would make the kernel (negligibly) faster to bump > f_pos before the vfs_write() call. This is a security risk. ---------------- other process: unlink(secrest_file) Thread 1: write(fd, large) (interrupted) Thread 2: fseek(fd, -n, relative) read(fd, buf) ---------------- BTW: The best thing you can do to a program where two threads race for writing one fd is to let it crash and burn in the most spectacular way allowed without affecting the rest of the system, unless it happens to be a pipe and the number of bytes written is less than PIPE_MAX. -- The secret of the universe is #@*%! NO CARRIER Friß, Spammer: dyIw3Rs@...eggert.dyndns.org PLxmr@...7eggert.dyndns.org HmiJuSaiuF@...eggert.dyndns.org rKjmsxE@...gert.dyndns.org - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists