[Ocfs2-devel] copyfile semantics.
Jörn Engel
joern at logfs.org
Tue May 5 22:57:12 PDT 2009
On Tue, 5 May 2009 15:44:54 -0600, Andreas Dilger wrote:
>
> > or copyfile() will also have to create a tempfile, rename the
> > tempfile when the copy is done and deal with all possible errors. And
> > if the system crashes, who will remove the tempfile on reboot? Will the
> > tempfile have a well-known name, allowing for easy DoS? Or will it be
> > random, causing much fun locating it after reboot.
>
> Maybe I'm missing something, but why do we need a tempfile at all?
> I can't imagine that people expect atomic semantics for copyfile(),
> any more than they expect atomic sematics for "cp" in the face of a
> crash.
In the case of cowlink() a tempfile is required when breaking the link.
Otherwise open() can result in the file disappearing or being truncated.
Rather unexpected.
If copyfile() doesn't try to be smart and does the actual copy when
being called, I could certainly live with half-written files.
Jörn
--
"Security vulnerabilities are here to stay."
-- Scott Culp, Manager of the Microsoft Security Response Center, 2001
More information about the Ocfs2-devel
mailing list