From: K-mart Cashier on
Someone told me, on another forum, that kill -9 could possibly erase a
temporary file. Perhaps this is due to lack of experience, but for
whatever reasons, I can' think of a situation where something like
this could happen. Ideas? Or at the very least, some kind of hints
that could put me in the right direction.
From: David Schwartz on
On Jun 6, 5:54 pm, K-mart Cashier <cdal...(a)gmail.com> wrote:
> Someone told me, on another forum, that kill -9 could possibly erase a
> temporary file. Perhaps this is due to lack of experience, but for
> whatever reasons, I can' think of a situation where something like
> this could happen. Ideas? Or at the very least, some kind of hints
> that could put me in the right direction.

1) Program opens a file.

2) Program unlinks that file (by name) from the only directory it is
in (perhaps to prevent anyone else from opening that file).

3) Program access the file through the descriptor opened in step 1.

4) Program restores the link to that file from the containing
directory.

Now imagine you 'kill -9' the program during step 3. Since the only
reference to that file (the descriptor that program has) will be lost,
the file will be deleted at that point.

DS
From: Gordon Burditt on
>> Someone told me, on another forum, that kill -9 could possibly erase a
>> temporary file. Perhaps this is due to lack of experience, but for
>> whatever reasons, I can' think of a situation where something like
>> this could happen. Ideas? Or at the very least, some kind of hints
>> that could put me in the right direction.
>
>1) Program opens a file.
open() or fopen()

>2) Program unlinks that file (by name) from the only directory it is
>in (perhaps to prevent anyone else from opening that file).
unlink() or remove()

>3) Program access the file through the descriptor opened in step 1.
read(), write() or various other functions.

(1) through (3) might be provided by tmpfile().

>4) Program restores the link to that file from the containing
>directory.

What POSIX call will do that? Does anything but Linux have flink(),
and what are the security issues?

>Now imagine you 'kill -9' the program during step 3. Since the only
>reference to that file (the descriptor that program has) will be lost,
>the file will be deleted at that point.

It seems to me that any program that does this is just begging for
the file to be lost (any uncaught signal, such as a segfault or
assert failure, along with exit() will end up losing it). That's
what a *temporary* file is, isn't it? If the file is valuable,
omit steps (2) thru (4), and put it somewhere safe in the first
place.

From: David Schwartz on
On Jun 6, 11:39 pm, gor...(a)hammy.burditt.org (Gordon Burditt) wrote:

> >4) Program restores the link to that file from the containing
> >directory.

> What POSIX call will do that?  Does anything but Linux have flink(),
> and what are the security issues?

I don't believe there's any POSIX call to do it, but there are quite a
few ways (for example, on some operating systems you can use /proc or
equivalent). In any event, this was just an example.

> >Now imagine you 'kill -9' the program during step 3. Since the only
> >reference to that file (the descriptor that program has) will be lost,
> >the file will be deleted at that point.

> It seems to me that any program that does this is just begging for
> the file to be lost (any uncaught signal, such as a segfault or
> assert failure, along with exit() will end up losing it).  That's
> what a *temporary* file is, isn't it?  If the file is valuable,
> omit steps (2) thru (4), and put it somewhere safe in the first
> place.

I agree. But the OP's question was specifically about losing temporary
files.

DS
From: Maxwell Lol on
K-mart Cashier <cdalten(a)gmail.com> writes:

> Someone told me, on another forum, that kill -9 could possibly erase a
> temporary file. Perhaps this is due to lack of experience, but for
> whatever reasons, I can' think of a situation where something like
> this could happen. Ideas? Or at the very least, some kind of hints
> that could put me in the right direction.

Remember that kill -9 cannot be trapped and handled by the
application. It tells trhe application to stop NOW! It does not give
the application a change to clean up any temporary files, finish what
it is doing, or back up if termination would leave something in an
incomplete state.

The normal kill allows the applicaiton to capture the signal, and do
whatever it was programmed to do when stutting down.

So the question is - when is kill -9 used? I'd only use it if (1) I
think the program is malicious, or doing damage the more it runs, or
(2) kill -15 does not work.