[Development] [QLockFile] Whether it is reasonable to use 0644 permission ?
Oswald Buddenhagen
oswald.buddenhagen at qt.io
Wed Jul 27 11:37:51 CEST 2016
On Wed, Jul 27, 2016 at 09:49:14AM +0300, Denis Shienkov wrote:
> Currently this problem belongs to QSerialPort which internally uses
> QLockFile to indication of employment of the /dev/ttyXYZ resources.
>
well, that's kinda the problem. this approach is a hack to work around
inadequate locking on the device itself. is this still a problem on
modern unixes?
> Why just do not use 0666 permissions for this?
>
because any malicious user can then sabotage other users' lock files.
also, isn't this actually mostly about the permissions of the directory
containing the locks? lock grabbing should be mostly about deleting and
re-creating the file.
More information about the Development
mailing list