From mboxrd@z Thu Jan 1 00:00:00 1970 From: "H. Peter Anvin" Subject: Re: *at syscalls for xattrs? Date: Mon, 16 Jul 2007 10:57:36 -0700 Message-ID: <469BB190.1080300@zytor.com> References: <20070715205313.GE21668@ftp.linux.org.uk> <1184534001.2765.5.camel@entropy> <20070715222323.GG21668@ftp.linux.org.uk> <469B2CAE.9010101@goop.org> <469B3B73.9010400@zytor.com> <469B3EC2.8080702@garzik.org> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Miklos Szeredi , jeremy@goop.org, jengelh@computergmbh.de, viro@ftp.linux.org.uk, nmiell@comcast.net, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org To: Jeff Garzik Return-path: Received: from terminus.zytor.com ([198.137.202.10]:54108 "EHLO terminus.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754455AbXGPSBY (ORCPT ); Mon, 16 Jul 2007 14:01:24 -0400 In-Reply-To: <469B3EC2.8080702@garzik.org> Sender: linux-fsdevel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org Jeff Garzik wrote: >> >> What the *at() interfaces really do is fix/paper over a longstanding >> wart in Unix: the cwd really should have been a standard file descriptor >> (like stdin/stdout/stderr) instead of a magic piece of state maintained >> in kernel space. > > It's more than a wart, IMO. *at() allows one to close races (with > potential security implications) that are otherwise impossible to close, > in directory traversal. > > *at() permits a userspace program to hold proper references to all > objects during a directory traversal, with all that implies. > Well, as Jeremy pointed out, in the absence of threads you can do the same thing with fchdir(), however, that's much more of a hack. -hpa