[m-dev.] Libraries Idea

Fergus Henderson fjh at cs.mu.OZ.AU
Wed Sep 22 19:03:36 AEST 1999


On 22-Sep-1999, Peter Schachte <schachte at cs.mu.OZ.AU> wrote:
> Hrumph.
> 
> Isn't there some way to do this under unix?  All it needs is a way to
> have files that can be read by anybody but can only be written by one
> program.  It seems like a simple enough request, someone must have
> solved this before.

Sure, there are two basic ways: one is to use setuid programs, the other
is to use a server program and communicate via sockets or other forms of IPC.
Either of these _can_ be done securely, but history shows that in practice
often they are not -- there must have been hundreds of CERT advisories
mentioning setuid programs or server programs.

> I think each of the problems Warwick mentions can be avoided with a
> setuid program (I'm back to setuid because of the file ownership
> problem).  Race conditions can be avoided by having a single process
> coordinate the building and accept requests for more objects to build.

Well, if you're going with a setuid program, then locking might
be a better way to avoid race conditions.  Choose either a setuid program
_or_ a server; having both seems like unnecessary complexity.
(After all, how does your setuid program avoid starting up two servers?)

> What worries me is the "etc."  What other problems are there I haven't
> thought of and Warwick hasn't mentioned?

To avoid denial-of-service attacks you need to ensure that the installation
process handles conditions like disk full or ulimit exceeded properly.

-- 
Fergus Henderson <fjh at cs.mu.oz.au>  |  "I have always known that the pursuit
WWW: <http://www.cs.mu.oz.au/~fjh>  |  of excellence is a lethal habit"
PGP: finger fjh at 128.250.37.3        |     -- the last words of T. S. Garp.
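
The two points raised in the message above (locking to avoid races between installers, and failing cleanly on disk full or an exceeded ulimit), shown in C as an added example that is not part of the original post. `install_file()` and the `.lock`/`.tmp` file names are hypothetical.

```c
/* Added example (not from the original post). install_file() and the
 * ".lock"/".tmp" suffixes are hypothetical names chosen for illustration. */
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <sys/file.h>
#include <unistd.h>

/* Replace `dest` with `len` bytes of `data`, all or nothing.
 * Returns 0 on success, or -errno with any existing `dest` untouched. */
int install_file(const char *dest, const char *data, size_t len)
{
    char lock[4096], tmp[4096];
    int lockfd, fd, err = 0;
    size_t off = 0;

    if (snprintf(lock, sizeof lock, "%s.lock", dest) >= (int)sizeof lock ||
        snprintf(tmp, sizeof tmp, "%s.tmp", dest) >= (int)sizeof tmp)
        return -ENAMETOOLONG;
    /* Past the file-size ulimit the kernel raises SIGXFSZ, fatal by default;
     * ignore it (process-wide) so write() reports EFBIG instead. */
    signal(SIGXFSZ, SIG_IGN);

    /* Locking: one installer at a time, held until lockfd is closed. */
    lockfd = open(lock, O_WRONLY | O_CREAT, 0600);
    if (lockfd < 0)
        return -errno;
    if (flock(lockfd, LOCK_EX) < 0) { err = errno; goto out; }

    unlink(tmp);          /* under the lock, a leftover is from a dead run */
    fd = open(tmp, O_WRONLY | O_CREAT | O_EXCL, 0644);
    if (fd < 0) { err = errno; goto out; }
    while (!err && off < len) {
        ssize_t n = write(fd, data + off, len - off);
        if (n >= 0) off += (size_t)n;
        else if (errno != EINTR) err = errno;   /* ENOSPC, EFBIG, EDQUOT */
    }
    /* A full disk may only be reported by fsync() or close(): check both. */
    if (!err && fsync(fd) < 0) err = errno;
    if (close(fd) < 0 && !err) err = errno;
    if (!err && rename(tmp, dest) < 0) err = errno;
    if (err) unlink(tmp);                       /* no partial file remains */
out:
    close(lockfd);
    return -err;
}

int main(void) { return install_file("demo.txt", "hello\n", 6) ? 1 : 0; }
```

Readers never see a half-written file because the data only reaches `dest` through `rename()`, which happens after every write, `fsync()` and `close()` has succeeded.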