[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: What is the difference between cat and vim command to file system?



On Wed, Jun 10, 2009 at 01:40:20PM +0800, Sucan Zhang wrote:
> 
> why use cat command to edit a file , the blocks of the file will not change.

If you do "cat > file" or "echo foo > file", the file is first getting
truncated, and so _normally_ the block of the file which will get
reallocated will be the same.   It doesn't have to be, however.

It also means that if you do:

cat > file
foo
foo
foo
^D

and you crash before the ^D, the file will be lost.

> but use vim command to edit a file, the blocks of the file will change?

An carefully written editor such as vim will tend to do something like this:

1) write the new contest to file.new
2) fsync file.new to make sure the blocks are safely on disk
3) rename file.new to file, which will delete file and replace it with file.new

That way if you crash in the middle of writing out the file, you don't
lose the contents of the file.


The bottom line is if you are really trying to do file-level security
controls using block numbers, you need to reestablish the block
numbers each time the filesystem has changed.  As I mentioned, this
also means you have to include the blocks for the inode table and the
blocks containing the directory.  It works only if the filesystem is
static --- and you want to prevent anyone from changing directories
and filenames.  In general, it's really not a great way of doing
partial security on filesystems.  You may be better off using SELinux
or Apparmor.

					- Ted


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]