From mboxrd@z Thu Jan 1 00:00:00 1970 Path: main.gmane.org!not-for-mail From: Colin Walters Newsgroups: gmane.emacs.devel Subject: Re: many packages write to `temporary-file-directory' insecurely Date: 17 Mar 2002 17:08:01 -0500 Sender: emacs-devel-admin@gnu.org Message-ID: <1016402881.5455.24.camel@space-ghost> References: <1014945351.23435.102.camel@space-ghost> <1015103550.7365.17.camel@space-ghost> <200203031718.g23HIKt23295@rum.cs.yale.edu> <200203042340.g24NexL00497@aztec.santafe.edu> <200203051520.g25FKbw01899@rum.cs.yale.edu> <1015389617.25883.37.camel@space-ghost> <1015400126.18074.0.camel@space-ghost> <200203080908.g28986Z02524@wijiji.santafe.edu> <1015757200.18074.71.camel@space-ghost> <200203110901.g2B91Ej04386@wijiji.santafe.edu> NNTP-Posting-Host: localhost.gmane.org Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Trace: main.gmane.org 1016403198 591 127.0.0.1 (17 Mar 2002 22:13:18 GMT) X-Complaints-To: usenet@main.gmane.org NNTP-Posting-Date: Sun, 17 Mar 2002 22:13:18 +0000 (UTC) Original-Received: from quimby.gnus.org ([80.91.224.244]) by main.gmane.org with esmtp (Exim 3.33 #1 (Debian)) id 16mity-00009R-00 for ; Sun, 17 Mar 2002 23:13:18 +0100 Original-Received: from fencepost.gnu.org ([199.232.76.164]) by quimby.gnus.org with esmtp (Exim 3.12 #1 (Debian)) id 16mixx-0002fk-00 for ; Sun, 17 Mar 2002 23:17:25 +0100 Original-Received: from localhost ([127.0.0.1] helo=fencepost.gnu.org) by fencepost.gnu.org with esmtp (Exim 3.34 #1 (Debian)) id 16mit8-0004SF-00; Sun, 17 Mar 2002 17:12:26 -0500 Original-Received: from monk.debian.net ([216.185.54.61] helo=monk.verbum.org) by fencepost.gnu.org with esmtp (Exim 3.34 #1 (Debian)) id 16mirR-0004Ma-00 for ; Sun, 17 Mar 2002 17:10:41 -0500 Original-Received: from space-ghost.verbum.private (freedom.cis.ohio-state.edu [164.107.60.183]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (Client CN "space-ghost.verbum.org", Issuer "monk.verbum.org" (verified OK)) by monk.verbum.org (Postfix (Debian/GNU)) with ESMTP id A2FE274000A0 for ; Sun, 17 Mar 2002 17:10:27 -0500 (EST) Original-Received: by space-ghost.verbum.private (Postfix (Debian/GNU), from userid 1000) id D880E8A2A1C; Sun, 17 Mar 2002 17:08:01 -0500 (EST) Original-To: emacs-devel@gnu.org In-Reply-To: <200203110901.g2B91Ej04386@wijiji.santafe.edu> X-Mailer: Evolution/1.0 (Preview Release) Errors-To: emacs-devel-admin@gnu.org X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.0.5 Precedence: bulk List-Help: List-Post: List-Subscribe: , List-Id: Emacs development discussions. List-Unsubscribe: , List-Archive: Xref: main.gmane.org gmane.emacs.devel:1995 X-Report-Spam: http://spam.gmane.org/gmane.emacs.devel:1995 On Mon, 2002-03-11 at 04:01, Richard Stallman wrote: > > One way to solve this problem is by having Emacs installation create > > the desired files under /var/games/emacs, make them world-writable, > > and make /var/games/emacs read-only. > > The problem I see with this is that we can't use `rename-file', and thus > we lose atomicity of score file updates. If multiple users are > concurrently reading and writing the same file, it will eventually be > corrupted. > > You are right. > > How do other game programs handle this? Well, from a selection of the games I looked at in the Debian "games" section, none of them seem to make any attempt to handle it at all. In the "xjewel" source, in "hscore.c", there are empty methods like: void File_Lock() { } void File_Unlock() { } ...which apparently the author was going to fill in later. The "conquest" game mmap()s the score file, which has the same problems. And the "lbreakout2" game just uses read and write. Really, I can't see a way to solve this without using some locking mechanism. But that has its own problems, e.g. what to do if a malicious user locks the file and never unlocks it? My gut feeling is that it really would be best to go with ~/.emacs.d/games or so. _______________________________________________ Emacs-devel mailing list Emacs-devel@gnu.org http://mail.gnu.org/mailman/listinfo/emacs-devel