Comment on write_file_safe()'s actual safety

author: Přemysl Eric Janouch <p@janouch.name> 2024-02-10 06:16:27 +0100
committer: Přemysl Eric Janouch <p@janouch.name> 2024-02-10 06:16:27 +0100
commit: c5424e6992a045c568931605cbb466e32deb0cb7 (patch)
tree: 55d18bc03add6e3ce0dfc55ee5d65e9cd6d568d8
parent: cb9d162a265e9e7b86bec92051f40374e79b7a51 (diff)
download: liberty-c5424e6992a045c568931605cbb466e32deb0cb7.tar.gz
liberty-c5424e6992a045c568931605cbb466e32deb0cb7.tar.xz
liberty-c5424e6992a045c568931605cbb466e32deb0cb7.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/liberty.c b/liberty.c
index 4d27127..e438c34 100644
--- a/liberty.c
+++ b/liberty.c
@@ -3552,6 +3552,8 @@ write_file_safe (const char *filename, const void *data, size_t data_len,
 {
 	// XXX: ideally we would also open the directory, use *at() versions
 	//   of functions and call fsync() on the directory as appropriate
+	// FIXME: this should behave similarly to mkstemp(), just with 0666;
+	//   as it is, this function is not particularly safe
 	char *temp = xstrdup_printf ("%s.new", filename);
 	bool success = write_file (temp, data, data_len, e);
 	if (success && !(success = !rename (temp, filename)))
author	Přemysl Eric Janouch <p@janouch.name>	2024-02-10 06:16:27 +0100
committer	Přemysl Eric Janouch <p@janouch.name>	2024-02-10 06:16:27 +0100
commit	c5424e6992a045c568931605cbb466e32deb0cb7 (patch)
tree	55d18bc03add6e3ce0dfc55ee5d65e9cd6d568d8
parent	cb9d162a265e9e7b86bec92051f40374e79b7a51 (diff)
download	liberty-c5424e6992a045c568931605cbb466e32deb0cb7.tar.gz liberty-c5424e6992a045c568931605cbb466e32deb0cb7.tar.xz liberty-c5424e6992a045c568931605cbb466e32deb0cb7.zip