Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!ucsd!sdcsvax!trantor.harris-atd.com!x102c!bbadger
From: bbadger@x102c.harris-atd.com (Badger BA 64810)
Newsgroups: comp.unix.questions
Subject: Re: Re^2: Named Pipe Creation
Summary: Caveat emptor
Message-ID: <2305@trantor.harris-atd.com>
Date: 11 Jul 89 13:33:58 GMT
References: <163@cerc.wvu.wvnet.edu.edu> <653@kl-cs.UUCP> <2286@trantor.harris-atd.com> <2831@solo8.cs.vu.nl>
Sender: news@trantor.harris-atd.com
Reply-To: bbadger@x102c.harris-atd.com (Badger BA 64810)
Organization: Harris GISD, Melbourne, FL
Lines: 34

In article <2831@solo8.cs.vu.nl> maart@cs.vu.nl (Maarten Litmaath) writes:
>bbadger@x102c.harris-atd.com (Badger BA 64810) writes:
>\... You don't necessarily want
>\umask changed, because there are other files to open, etc. Easier than
>\saving and restoring the umask is simply running
>\    ``chmod(pipe_name,mode_bits)''
>\after creating the named pipe. This assumes that the receiver is
>\synchronized so as to not attempt and fail for the few ms between
>\creation and mode setting.
>
>This attitude leads to (deeply buried) race conditions.
>--
>"I HATE arbitrary limits, especially when |Maarten Litmaath @ VU Amsterdam:
> they're small." (Stephen Savitzky)       |maart@cs.vu.nl, mcvax!botter!maart

You're right, and that was the point of saying ``This assumes...''
I was considering umask flipping to cause a sort of critical section,
but it only applies to signal handling, not independent processes.
Signal handlers don't often open files, and could then do their own
save/restore of umask.

The race condition for the ``chmod'' technique is also probably rare,
since there's probably no process just waiting to read the named pipe.
You probably have to write the name to a well-known ``connection''
named pipe, or something. This provides sufficient synchronization
for normal cases.

We're not concerned in this case with preventing unauthorized access to
the pipe. The problem was overly-restrictive permissions due to umask
restrictions. So, I still prefer the chmod solution, since it involves
one less system call. (If you're opening multiple pipes, or have a
reason to change umask *permanently*, the umask solution is as good or
better.)

Bernard A. Badger Jr.   407/984-6385          |``Use the Source, Luke!''
Secure Computer Products                      |``Get a LIFE!'' -- J.H. Conway
Harris GISD, Melbourne, FL 32902              |Buddy, can you paradigm?
Internet: bbadger%x102c@trantor.harris-atd.com|'s/./&&/g' Tom sed expansively.
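
The two approaches weighed in this post, side by side, as an added example in C that is not part of the original thread. It assumes POSIX mkfifo() as the creation call (the post does not name one); the helper names, the 077 umask and the /tmp paths are constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create, then chmod (the approach the post prefers). Between the two calls
 * the FIFO has mode (mode & ~umask): stricter than intended, never looser. */
int fifo_then_chmod(const char *path, mode_t mode)
{
    if (mkfifo(path, mode) != 0) return -1;
    if (chmod(path, mode) != 0) {
        unlink(path);              /* do not leave a half-configured FIFO */
        return -1;
    }
    return 0;
}

/* Clear umask around creation: the FIFO appears with its final mode, but
 * umask is process-wide, so a signal handler creating a file inside this
 * window gets the cleared mask too. */
int fifo_with_umask(const char *path, mode_t mode)
{
    mode_t old = umask(0);
    int rc = mkfifo(path, mode);
    umask(old);                    /* restore the caller's mask */
    return rc;
}

/* Permission bits of path if it is a FIFO, otherwise -1. */
int fifo_mode(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0 || !S_ISFIFO(st.st_mode)) return -1;
    return (int)(st.st_mode & 07777);
}

int main(void)
{
    char dir[] = "/tmp/fifo-demo-XXXXXX", p[64];  /* constructed paths */
    if (mkdtemp(dir) == NULL) return 1;
    snprintf(p, sizeof p, "%s/pipe", dir);
    umask(077);                                   /* constructed restrictive umask */
    if (fifo_then_chmod(p, 0666) == 0) printf("chmod: %04o\n", (unsigned)fifo_mode(p));
    unlink(p);
    if (fifo_with_umask(p, 0666) == 0) printf("umask: %04o\n", (unsigned)fifo_mode(p));
    unlink(p);
    rmdir(dir);
    return 0;
}
```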