[PATCH wayland] cursor: Use shm_open() instead of XDG_RUNTIME_DIR files
Pekka Paalanen
ppaalanen at gmail.com
Thu Oct 19 06:31:48 UTC 2017
On Wed, 18 Oct 2017 22:53:04 -0700
Thiago Macieira <thiago at kde.org> wrote:
> On Wednesday, 18 October 2017 07:05:46 PDT Matt Hoosier wrote:
> > On Wed, Oct 18, 2017 at 4:23 AM, Quentin Glidic
> >
> > <sardemff7+wayland at sardemff7.net> wrote:
> > > + fd = shm_open("/wayland-cursor-shared", O_CREAT | O_RDWR, 0);
> > > + shm_unlink("/wayland-cursor-shared");
> >
> > This seems to be a departure from the anonymous behavior that
> > mkstemp() previously offered. shm_open() says that it will open an
> > existing shared-memory object if that pathname already exists. Isn't
> > there a race between one thread doing shm_open() and a different
> > thread doing shm_unlink() such that you could accidentally end up with
> > two different filedescriptors pointing at the same SHM object?
>
> There's another problem: this path is not unique to the calling user. That
> means you need to defend against another user in the system actively trying to
> get to your files or forcing you to open the wrong file.
>
Yes, it looks like we do need to create a system-wide unique file name
even with shm_open(). That is inherently racy as well, we cannot rely
on our naming scheme to be fool-proof-collision-free with reasonable
effort, so you should also use O_EXCL flag to make the call fail if the
file already exists and try again with another name.
Thanks,
pq
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/wayland-devel/attachments/20171019/bfaa8c7f/attachment.sig>
More information about the wayland-devel
mailing list