Greg Stark wrote:
> On Wed, Aug 20, 2014 at 2:27 PM, Alvaro Herrera
> <alvherre@2ndquadrant.com> wrote:
> > Hmm, the real trick here is linkat(... "/proc/self/foobar"), not the
> > O_TMPFILE: you can have an open file descriptor to an "invisible" file
> > simply by creating a normal file and unlinking it. I looked at linkat()
> > yesterday but the idea of using /proc/self didn't occur to me. Nasty
> > trick :-( It seems linkat() is quite a bit more portable than
> > O_TMPFILE, fortunately ...
>
> Supposedly linkat(2) on Linux refuses to create a link to a file that
> was opened normally and had its last link removed with unlink(2) due
> to concerns that this would create security holes.
Sigh.
--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services