The open() system call in f8 really broken...

[Ignacio Vazquez-Abrams]

On Wed, 2007-08-15 at 21:22 -0400, Steve Grubb wrote:
> On Wednesday 15 August 2007 21:13:36 Ignacio Vazquez-Abrams wrote:
> > On Wed, 2007-08-15 at 21:00 -0400, Steve Grubb wrote:
> > > On Wednesday 15 August 2007 20:56:10 Steve Dickson wrote:
> > > > Now If I'm not mistaken, its been legal since the 70s to use
> > > > O_CREAT without a mode because (depending on the OS) the mode
> > > > of parent directory will be used (or something similar)...
> > >
> > > The problem is that without a mode being passed, the kernel uses whatever
> > > the stack contents are. And yes, its conceivable the stack contents could
> > > create a world writable setuid file which cannot ever be the intended
> > > operation.
> >
> > So then why not default to a mode of 0 instead, which will do the
> > equivalent of bolting a big, flashing "BROKEN" sign to the app?
> 
> Cause then I think you get another error away from the actual error and windup 
> troubleshooting the wrong problem. This *is* a big flashing "BROKEN" sign at 
> the right point in the software to tell you what really went wrong.

I also find it difficult to understand why forcing code to use
(foo->open)() is a good idea. I understand that's a side effect of C's,
uh... "legacy", but it still bites.

-- 
Ignacio Vazquez-Abrams <ivazqueznet at gmail.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-maintainers/attachments/20070815/e245d00a/attachment.sig>