Date: Sat, 18 Apr 2020 01:23:34 +0200 From: Joerg Sonnenberger <jo...@bec.de> Message-ID: <20200417232334.ga59...@bec.de>
| I don't understand this argument. I would invert the logic in /bin/sh, | e.g. try to open with O_CREAT|O_EXCL first and only do the open dance if | it fails with EEXIST. We could do that, and some shells do. I didn't write the code we're using, but I believe (am assuming) that it is the way it is to minimise costs in the common cases. | That would give it reasonable behavior even for lock files? No, as long as you go ahead and do something else if EEXIST, and sometimes succeed after that, then there's a race window. It might not be one that any ordinary mortal would care much about, but it is one that the people who have to prove that their code is safe care a lot about. (Note that "non-regular" files include things like fifo's - it isn't just device file nodes that one needs to be root to create that are an issue). O_EXCL works for lock files, if and only if, you believe its answer. I either successfully made the lock, or I did not. The end. That's the same info O_NOCLOBBER is supposed to provide - while also not then requiring its users to go check and determine why the open failed and whether or not we should care - that is to be useful for both lock files, and for traditional noclobber. kre