Writing to A NON-Existing File in \"C\"

Root Boy Jim rbj at icst-cmr.arpa
Fri Apr 29 12:10:06 AEST 1988 

   From: der Mouse <mouse at larry.mcrcim.mcgill.edu>

Der Mouse und der Root Boy discussing access: I said...

   > I propose enclosing the whole mess between two stat's, and testing
   > whether the vital statistics match.  Then, you can assume it's the
   > same file you asks about via access.

To which he replied...

   Well, you have to be very careful, and even then, I don't think it's
   possible to get it right.  You can make the window much harder to hit,
   but I don't think it's possible to get rid of it entirely.  After much
   arguing with myself, the closest I've come up with is

   fd = open(path) <--- this must succeed, of course
   access(path)    <--- this must show "access permitted"
   stat(path)      <--\ These two must produce
   fstat(fd)       <--/  matching stat structures

   but this is vulnerable to a quick switch immediately before and after
   the access() call.  Sprinkling extra calls (stat(), access(), etc)
   around doesn't help, because if the switches occur exactly before and
   after the access(), it is impossible to detect them.

My idea is more explicitly

	stat(path,&before)
	if (access(path,how) == 0) { /*OK*/
		fd = open(path,mode);
		stat(path,&after);
		for (all relevant fields in struct stat) {
			if (before.field != after.field) {
				printf("fulling a fast one, eh?\n");
				exit(-1);
			}
		}
	} /* everything OK */

Good things to check would be inode number and creation date. Neither
can easily be faked, except thru acces to the raw device. I am assuming
previous existence of the file access'ed. If it doesn't already exist,
the job is a bit harder. Note also that the file should not be
truncated on the open, in case a fast one *is* being pulled.

Any problems with this approach?

BTW, while we're talking windows, mktemp et al suffer as well.

					   der Mouse

			   uucp: mouse at mcgill-vision.uucp
			   arpa: mouse at larry.mcrcim.mcgill.edu

	(Root Boy) Jim Cottrell	<rbj at icst-cmr.arpa>
	National Bureau of Standards
	Flamer's Hotline: (301) 975-5688
	The opinions expressed are solely my own
	and do not reflect NBS policy or agreement
How many retured bricklayers from FLORIDA are out purchasing
 PENCIL SHARPENERS right NOW??

More information about the Comp.unix.wizards mailing list