On Wed, Dec 04 2013, Sean Dague wrote: > Honestly, I'd love us to be clever and figure out a not dangerous way > through this, even if unwise (where we can yell at the user in the LOGs > loudly, and fail them in J if lock_dir=/tmp) that lets us progress > through this while gracefully bringing configs into line.
Correct me if I'm wrong, but I think the correct way to deal with that security problem is to use an atomic operation using open(2) with: open(pathname, O_CREAT | O_EXCL) or mkstemp(3). That should be doable in Python too. -- Julien Danjou # Free Software hacker # independent consultant # http://julien.danjou.info
signature.asc
Description: PGP signature
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
