Re: locking utmp

[Richard Kettlewell <richardk@chiark.greenend.org.uk>]

Steve Langasek <vorlon@netexpress.net> writes:
> Russell Coker wrote:

>> If it keeps the read lock for an extended period of time and locks
>> out other processes then it could allow a local DOS attack.
> 
> AFAIK, read locks are not exclusive.

Read locks do not prevent other read locks, but they do prevent write
locks, so a read lock can be used to block any process that requires a
write lock.

*fiddles*

I notice that if xterm can't get a F_WRLCK on /var/log/wtmp when
terminating, it takes a SIGALRM after a second and writes what it
wants to anyway.  I don't know if this is part of xterm or of PAM.

open("/var/log/wtmp", O_WRONLY)         = 6
alarm(0)                                = 0
rt_sigaction(SIGALRM, {0x4038dc10, [], 0x4000000}, {SIG_DFL}, 8) = 0
alarm(1)                                = 0
fcntl64(6, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = ? ERESTARTSYS (To be restarted)
--- SIGALRM (Alarm clock) ---
sigreturn()                             = ? (mask now [CHLD RTMIN])
_llseek(6, 0, [430080], SEEK_END)       = 0
write(6, "\10\0\0\0\352(\0\0pts/4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
fcntl64(6, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
rt_sigaction(SIGALRM, {SIG_DFL}, NULL, 8) = 0
alarm(0)                                = 0
close(6)                                = 0

-- 
http://www.greenend.org.uk/rjk/