Re: locking utmp
Steve Langasek <vorlon@netexpress.net> writes:
> Russell Coker wrote:
>> If it keeps the read lock for an extended period of time and locks
>> out other processes then it could allow a local DOS attack.
>
> AFAIK, read locks are not exclusive.
Read locks do not prevent other read locks, but they do prevent write
locks, so a read lock can be used to block any process that requires a
write lock.
*fiddles*
I notice that if xterm can't get a F_WRLCK on /var/log/wtmp when
terminating, it takes a SIGALRM after a second and writes what it
wants to anyway. I don't know if this is part of xterm or of PAM.
open("/var/log/wtmp", O_WRONLY) = 6
alarm(0) = 0
rt_sigaction(SIGALRM, {0x4038dc10, [], 0x4000000}, {SIG_DFL}, 8) = 0
alarm(1) = 0
fcntl64(6, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0, len=0}) = ? ERESTARTSYS (To be restarted)
--- SIGALRM (Alarm clock) ---
sigreturn() = ? (mask now [CHLD RTMIN])
_llseek(6, 0, [430080], SEEK_END) = 0
write(6, "\10\0\0\0\352(\0\0pts/4\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
fcntl64(6, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}) = 0
rt_sigaction(SIGALRM, {SIG_DFL}, NULL, 8) = 0
alarm(0) = 0
close(6) = 0
--
http://www.greenend.org.uk/rjk/
Reply to: