[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: The open() system call in f8 really broken...



On Wed, 2007-08-15 at 21:22 -0400, Steve Grubb wrote:
> On Wednesday 15 August 2007 21:13:36 Ignacio Vazquez-Abrams wrote:
> > On Wed, 2007-08-15 at 21:00 -0400, Steve Grubb wrote:
> > > On Wednesday 15 August 2007 20:56:10 Steve Dickson wrote:
> > > > Now If I'm not mistaken, its been legal since the 70s to use
> > > > O_CREAT without a mode because (depending on the OS) the mode
> > > > of parent directory will be used (or something similar)...
> > >
> > > The problem is that without a mode being passed, the kernel uses whatever
> > > the stack contents are. And yes, its conceivable the stack contents could
> > > create a world writable setuid file which cannot ever be the intended
> > > operation.
> >
> > So then why not default to a mode of 0 instead, which will do the
> > equivalent of bolting a big, flashing "BROKEN" sign to the app?
> 
> Cause then I think you get another error away from the actual error and windup 
> troubleshooting the wrong problem. This *is* a big flashing "BROKEN" sign at 
> the right point in the software to tell you what really went wrong.

I also find it difficult to understand why forcing code to use
(foo->open)() is a good idea. I understand that's a side effect of C's,
uh... "legacy", but it still bites.

-- 
Ignacio Vazquez-Abrams <ivazqueznet gmail com>

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]