From: Andreas Beck (becka_at_uni-duesseldorf.de)
Date: Wed Jul 31 2002 - 02:11:20 CDT


    Andrew Pimlott <andrewpimlott.net> wrote:
    > > > If he is smart, he will check whether the file is open (eg with fuser)
    > > Not really. The file does not have to be open to be present in the system.
    > > It is perfectly possible to leave a dangling root-owned file several
    > > times,
    > Correct, but: the admin should still verify that it is not open
    > before deleting it (in his cron job).

    As long as there is no atomic "check-if-file-is-open-and-if-not-delete-it"
    this just makes exploitation harder by introducing another race condition.

    CU, Andy

    -- 
    = Andreas Beck                    |  Email :  <beckabedatec.de>             =
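
The window described in the message above, as an added example that is not part of the original thread: a check-then-delete cleanup whose "is it open?" answer is already stale when the delete runs. The names `is_open`, `check_then_delete` and the `between` hook are hypothetical; the Linux `/proc` scan stands in for `fuser`, and the hook forces the interleaving so the result is deterministic.

```python
import os
import tempfile

def is_open(path):
    """Rough stand-in for fuser: look for a descriptor on path in /proc/*/fd."""
    target = os.path.realpath(path)
    # Assumption: Linux procfs. Without /proc nothing is scanned.
    pids = os.listdir("/proc") if os.path.isdir("/proc") else []
    for pid in filter(str.isdigit, pids):
        fd_dir = f"/proc/{pid}/fd"
        try:
            for fd in os.listdir(fd_dir):
                try:
                    if os.readlink(f"{fd_dir}/{fd}") == target:
                        return True
                except OSError:
                    continue  # descriptor closed while we were looking
        except OSError:
            continue  # process exited, or not ours to inspect
    return False

def check_then_delete(path, between=lambda: None):
    """The cron job's logic: delete only if nobody has the file open.
    `between` models whatever else gets scheduled inside the window."""
    if is_open(path):
        return "skipped"
    between()        # race window: the check result is already stale here
    os.unlink(path)
    return "deleted"

def demo():
    # Constructed sample file; closed again so the check sees it as unused.
    fd, path = tempfile.mkstemp()
    os.write(fd, b"still in use\n")
    os.close(fd)
    held = {}
    def late_open():
        held["fd"] = os.open(path, os.O_RDONLY)  # opened after the check passed
    result = check_then_delete(path, between=late_open)
    data = os.read(held["fd"], 64)  # the descriptor outlives the unlink
    os.close(held["fd"])
    return result, os.path.exists(path), data

if __name__ == "__main__":
    print(demo())
```

The check reported the file as unused and the delete went ahead, yet the file was open at the moment of deletion: the two steps are separate system calls, and nothing ties the first one's answer to the second.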