Path: utzoo!mnetor!uunet!husc6!cmcl2!brl-adm!adm!rbj@icst-cmr.arpa
From: rbj@icst-cmr.arpa (Root Boy Jim)
Newsgroups: comp.unix.wizards
Subject: Writing to A NON-Existing File in \"C\"
Message-ID: <13174@brl-adm.ARPA>
Date: 29 Apr 88 02:10:06 GMT
Sender: news@brl-adm.ARPA
Lines: 62


   From: der Mouse <mouse@larry.mcrcim.mcgill.edu>

Der Mouse und der Root Boy discussing access: I said...

   > I propose enclosing the whole mess between two stat's, and testing
   > whether the vital statistics match.  Then, you can assume it's the
   > same file you asks about via access.

To which he replied...

   Well, you have to be very careful, and even then, I don't think it's
   possible to get it right.  You can make the window much harder to hit,
   but I don't think it's possible to get rid of it entirely.  After much
   arguing with myself, the closest I've come up with is

   fd = open(path) <--- this must succeed, of course
   access(path)    <--- this must show "access permitted"
   stat(path)      <--\ These two must produce
   fstat(fd)       <--/  matching stat structures

   but this is vulnerable to a quick switch immediately before and after
   the access() call.  Sprinkling extra calls (stat(), access(), etc)
   around doesn't help, because if the switches occur exactly before and
   after the access(), it is impossible to detect them.

My idea is more explicitly

	stat(path,&before)
	if (access(path,how) == 0) { /*OK*/
		fd = open(path,mode);
		stat(path,&after);
		for (all relevant fields in struct stat) {
			if (before.field != after.field) {
				printf("fulling a fast one, eh?\n");
				exit(-1);
			}
		}
	} /* everything OK */

Good things to check would be inode number and creation date. Neither
can easily be faked, except thru acces to the raw device. I am assuming
previous existence of the file access'ed. If it doesn't already exist,
the job is a bit harder. Note also that the file should not be
truncated on the open, in case a fast one *is* being pulled.

Any problems with this approach?

BTW, while we're talking windows, mktemp et al suffer as well.

					   der Mouse

			   uucp: mouse@mcgill-vision.uucp
			   arpa: mouse@larry.mcrcim.mcgill.edu

	(Root Boy) Jim Cottrell	<rbj@icst-cmr.arpa>
	National Bureau of Standards
	Flamer's Hotline: (301) 975-5688
	The opinions expressed are solely my own
	and do not reflect NBS policy or agreement
How many retured bricklayers from FLORIDA are out purchasing
 PENCIL SHARPENERS right NOW??