| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LFD.2.00.0810091218300.3210@nehalem.linux-foundation.org> Date: Thu, 9 Oct 2008 12:22:23 -0700 (PDT) From: Linus Torvalds <torvalds@...ux-foundation.org> To: Miklos Szeredi <miklos@...redi.hu> cc: jens.axboe@...cle.com, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org Subject: Re: splice vs O_APPEND On Thu, 9 Oct 2008, Miklos Szeredi wrote: > > We know that nobody is currently relying on O_APPEND semantics with > splice, so this should be OK. Having now realized that apparently you can't rely on O_APPEND for anything but plain write _anyway_ (ie pwrite shouldn't honor it), I'm going to drop this thing as "let's think about it more". Maybe the right thing to do is to just say that O_APPEND (and IS_APPEND) is really not as reliable as people might expect, and just say that the only thing it affects is a plain write() system call. Of course, I think POSIX is crazy, and we probably _should_ always honor O_APPEND, and returning -EINVAL is the right thing for both pwrite and splice, but this is all a murkier issue than it looked like originally, and any possible "security" implications are dubious in that you cannot really depend on O_APPEND/IS_APPEND anyway. Linus -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists