On Sat, Mar 24, 2007 at 10:17:28PM -0500, Ron Johnson wrote: > On 03/24/07 21:46, Roberto C. Sánchez wrote: > > On Sat, Mar 24, 2007 at 09:31:58PM -0500, Ron Johnson wrote: > >> Ah, you're deleting an open file! > >> > >> The app, then, that deletes an open file is poorly written. > >> > > On the contrary. It makes it so that the only way that someone can get > > to the file is by having cracked the kernel itself. That is, without > > the file descriptor, no other process can get to the data. For example, > > qemu does this. Lots of other programs do this as well for security. > > They open the file, immediately unlink it and then the only access is > > via the file descriptor. > > That reminds me of the Vietnam War philosophy "we had to destroy the > village in order to save the village". It was bad "design" 40 years > ago, it's a bad design now. > Out of curiousity, why do you say that it is a bad design? Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
Attachment:
signature.asc
Description: Digital signature