Re: Anyone interested in implementing O_NOCLOBBER ?

[Robert Elz <kre%munnari.OZ.AU@localhost>]

    Date:        Sat, 18 Apr 2020 01:23:34 +0200
    From:        Joerg Sonnenberger <joerg%bec.de@localhost>
    Message-ID:  <20200417232334.GA59731%bec.de@localhost>

  | I don't understand this argument. I would invert the logic in /bin/sh,

Actually, I just looked at our code again, and I am not currently seeing
any problems with it that would need fixing, nor, aside from run-time cost,
anything that O_NOCLOBBER would improve.

The way it is written now seems (unless I am missing something) to be
race condition free, and unwanted side effect free as well.   The only
"issue" is that if the file named is a regular file that exists, and
sufficient permissions are available, the current code will open and close
the file (that should be harmless).

Doing it the way it is, I see no exploitable race - there are races (there
always are - someone might be removing the file just about the time the
code running in noclobber mode attempts to write to it - one of those
must happen first, and which it is alters the outcome, but that is just
normal, nothing is going to prevent that).

The only other issue I can see would be if someone were to create a
non-regular file with the name we're opening, just at the precise time
that we have just failed to open because file name did not exist, and
before we try again with O_CREAT+O_EXCL.   In that case the 2nd open
will also fail - so the redirect will fail, even though the "existing
file" that caused the problem is not a regular file, but one of the
others, which -C mode is not supposed to care about.

That isn't a problem I will be losing sleep over.

kre