LinuxSA Mailing list archives

  From: David Newall <davidn@rebel.net.au>
  To  : Daryl Tester <dt@picknowl.com.au>
  Date: Fri, 28 Apr 2000 17:53:51 +0930 (CST)

Re: Protecting files against power failure

> I suspect that if you could pass this descriptor into your favourite
> programming/scripting language, you could even rewind it back to the
> beginning of the non-existant file and replay its contents (although,
> of course, this shouldn't affect the shell's file descriptor - care
> to hazard a guess why?).

File descriptors can be shared amongst different processes.  Consider these
two command sequences:

  bash$ some-process < some-file & some-process < some-file
  bash$ (some-process & some-process) < some-file

Both run some-process twice, more or less at the same time; and both take
their input from some-file.  But these are NOT equivalent.  In the second
example both instances of some-process share the same file descriptor, and
any change in the descriptor used by one process can (and does) impact the
other.

Shared file descriptors are a sort of shared memory device, as the
following programs demonstrate:

  bash$ cat print.c
  #include <unistd.h>
  #include <stdio.h>
  main() {
     long lastpos = 0, curpos;
     for (;;)
        if ((curpos = lseek(0, 0L, SEEK_CUR)) != lastpos)
           printf("%ld\n", lastpos = curpos);
  }
  
  bash$ cat set.c
  #include <unistd.h>
  main(int argc, char *argv[]) {
     lseek(0, atol(argv[1]), SEEK_CUR);
  }
  
  bash$ cc -o print print.c; cc -o set set.c
  bash$ exec 5> /dev/null
  bash$ ./print <&5 &
  [1] 1234
  bash$ ./set 100 <&5
  100
  bash$ ./set -10 <&5
  90
  bash$ ./set 12345 <&5
  12435

The numbers are printed by print, but as a result of something which set
does.  This is a clear example of how one process CAN impact another (even
though the implicit promise of Unix is that all processes are isolated from
all others.)

If you had bypassed somebody's computer's security, and wanted to keep some
files on their machine, but you didn't want them to find those files, you
could use this technique to do so:  Leave a process running, which kept all
of the files open but unlinked so they could not be found.  When you need
access to a file you signal that process and have it pass a file descriptor
(using send()) to you.  Well that's what you could do if you were evil.

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject