author | Reepca Russelstein <reepca@russelstein.xyz> | 2025-03-28 05:55:51 -0500 |
---|---|---|
committer | John Kehayias <john.kehayias@protonmail.com> | 2025-06-24 10:07:55 -0400 |
commit | 7173c2c0cad8afc9d8d1ad26f345b5a04f47716a (patch) | |
tree | 7e630ab5e5d123494609bac10d07a7e7c3548593 /nix/nix-daemon/guix-daemon.cc | |
parent | a183afa8e251e86d9dc17e8f177deeef0c1d534d (diff) |
daemon: Implement ‘deletePath’ in terms of the *at functions.

deletePath needs to be able to operate securely in unfriendly environments,
where adversaries may be concurrently modifying the files being operated on.
For example, directories that we are currently recursing through may be
replaced with symbolic links.

We err on the side of early failure here: if a file or directory is
concurrently modified in a way that causes one of the system calls to fail, we
throw an exception immediately instead of trying to adapt to the change.

Note that we use fstat instead of fstatat for verifying the directory's
st_mode field because AT_EMPTY_PATH is linux-specific.

* nix/libutil/util.cc (_deletePathAt): new procedure.
(_deletePath): use it.

Change-Id: I7ccfe6f1f74dbab95617b24034494e0f63030582
Signed-off-by: Ludovic Courtès <ludo@gnu.org>
Signed-off-by: John Kehayias <john.kehayias@protonmail.com>
Diffstat (limited to 'nix/nix-daemon/guix-daemon.cc')
0 files changed, 0 insertions, 0 deletions
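
The descriptor-relative recursive delete that the commit message describes, as an added C example; it is not the Guix daemon's `_deletePathAt`. The names `delete_at` and `demo` are hypothetical, the `/tmp` paths are constructed, and the function returns -1 at the first failing call where the daemon throws an exception.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Remove `name` (file, symlink or whole tree) relative to directory fd
   `parentfd`.  Returns 0, or -1 at the first failing call (fail early). */
int delete_at(int parentfd, const char *name)
{
    struct stat st; struct dirent *e; int rc = 0;
    if (fstatat(parentfd, name, &st, AT_SYMLINK_NOFOLLOW) == -1) return -1;
    if (!S_ISDIR(st.st_mode)) return unlinkat(parentfd, name, 0); /* a symlink is removed itself */
    /* If `name` became a symlink after the check above, O_NOFOLLOW makes
       openat fail instead of leading the recursion into the link's target. */
    int fd = openat(parentfd, name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd == -1) return -1;
    /* Re-check the type on the descriptor actually held (plain fstat). */
    if (fstat(fd, &st) == -1 || !S_ISDIR(st.st_mode)) { close(fd); return -1; }
    DIR *dir = fdopendir(fd);                /* dir now owns fd */
    if (dir == NULL) { close(fd); return -1; }
    while (rc == 0 && (errno = 0, e = readdir(dir)) != NULL) {
        if (!strcmp(e->d_name, ".") || !strcmp(e->d_name, "..")) continue;
        rc = delete_at(fd, e->d_name);       /* resolved relative to fd only */
    }
    if (rc == 0 && errno != 0) rc = -1;      /* readdir itself failed */
    closedir(dir);
    return rc == 0 ? unlinkat(parentfd, name, AT_REMOVEDIR) : -1;
}

/* Constructed demo: "tree" holds a symlink to an outside directory.  Returns
   0 if the tree is removed and the outside file "keep" is left untouched. */
int demo(void)
{
    char out[] = "/tmp/del-out.XXXXXX", top[] = "/tmp/del-top.XXXXXX";
    struct stat st;
    if (!mkdtemp(out) || !mkdtemp(top)) return -1;
    int ofd = open(out, O_RDONLY | O_DIRECTORY), tfd = open(top, O_RDONLY | O_DIRECTORY);
    if (ofd == -1 || tfd == -1 || close(openat(ofd, "keep", O_CREAT | O_WRONLY, 0600))
        || mkdirat(tfd, "tree", 0700) || mkdirat(tfd, "tree/sub", 0700)
        || close(openat(tfd, "tree/sub/file", O_CREAT | O_WRONLY, 0600))
        || symlinkat(out, tfd, "tree/link") || delete_at(tfd, "tree")) return -1;
    int ok = fstatat(tfd, "tree", &st, 0) == -1 && fstatat(ofd, "keep", &st, 0) == 0;
    unlinkat(ofd, "keep", 0); rmdir(out); rmdir(top); close(ofd); close(tfd);
    return ok ? 0 : 1;
}
int main(void) { return demo(); }
```

Because every child is resolved relative to a descriptor that was opened with `O_NOFOLLOW` and then verified with `fstat`, a path component swapped mid-recursion causes a failed call rather than a deletion outside the tree.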