emacs-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: many packages write to `temporary-file-directory' insecurely

From: Colin Walters
Subject: Re: many packages write to `temporary-file-directory' insecurely
Date: 17 Mar 2002 17:08:01 -0500 
On Mon, 2002-03-11 at 04:01, Richard Stallman wrote:
>     > One way to solve this problem is by having Emacs installation create
>     > the desired files under /var/games/emacs, make them world-writable,
>     > and make /var/games/emacs read-only.
> 
>     The problem I see with this is that we can't use `rename-file', and thus
>     we lose atomicity of score file updates.  If multiple users are
>     concurrently reading and writing the same file, it will eventually be
>     corrupted.
> 
> You are right.
> 
> How do other game programs handle this?

Well, from a selection of the games I looked at in the Debian "games"
section, none of them seem to make any attempt to handle it at all.  In
the "xjewel" source, in "hscore.c", there are empty methods like:

void File_Lock()
        {
        }

void File_Unlock()
        {
        }

...which apparently the author was going to fill in later.  The
"conquest" game mmap()s the score file, which has the same problems. 
And the "lbreakout2" game just uses read and write.

Really, I can't see a way to solve this without using some locking
mechanism.  But that has its own problems, e.g. what to do if a
malicious user locks the file and never unlocks it?

My gut feeling is that it really would be best to go with
~/.emacs.d/games or so.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]