OpenSSH
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: HiddenStore option may be useful

from [Jefferson Ogata] [Permanent Link][Original]
To: openssh-unix-dev@mindrot.org
Subject: Re: HiddenStore option may be useful
From: Jefferson Ogata <Jefferson.Ogata@noaa.gov>
Date: Sun, 15 Apr 2007 07:20:29 +0000
Delivered-to: sp-com-lists@consult.net
Delivered-to: openssh-unix-dev-list1@securepoint.com
Delivered-to: openssh-unix-dev-tmda@mindrot.org
Delivered-to: openssh-unix-dev@mindrot.org
In-reply-to: <20070415041818.GA25270@wilbur.25thandClement.com>
List-archive: <http://lists.mindrot.org/pipermail/openssh-unix-dev>
List-help: <mailto:openssh-unix-dev-request@mindrot.org?subject=help>
List-id: Development of portable OpenSSH <openssh-unix-dev.mindrot.org>
List-post: <mailto:openssh-unix-dev@mindrot.org>
List-subscribe: <http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=subscribe>
List-unsubscribe: <http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev>, <mailto:openssh-unix-dev-request@mindrot.org?subject=unsubscribe>
References: <4620800C.3000000@ohzone.de> <462193F3.1010600@lakedaemon.net> <20070415041818.GA25270@wilbur.25thandClement.com>
Sender: openssh-unix-dev-bounces+openssh-unix-dev-list1=securepoint.com@mindrot.org
User-agent: Mozilla/4.0 (compatible;MSIE 5.5; Windows 98) 
On 2007-04-15 04:18, William Ahern wrote:
> On Sat, Apr 14, 2007 at 10:54:43PM -0400, Jason wrote:
>> Thomas Blank wrote:
>>> I'm missing a HiddenStore option in OpenSSH, known from some ftp-server 
>>> implementations like ProFTPd.
>>>
>>> Consider the following scenario:
>>> - A process PROCA is frequently polling the directory for a file called 
>>> myfile.txt
>>> - Someone transfers this file via sftp or scp to the directory
>>> - While transfer is going on and the file is not completely written, 
>>> PROCA reads in the file and removes is
>>> -> Corrupt data is seen by PROCA
>>>
>>> Knowing this problem you have to solutions:
>>> 1. PROCA must check if myfile.txt is changing (filesize, mtime...) and 
>>> wait until it does not change any more
>>> 2. sftp and scp use a HiddenStore by writing the file with a unique 
>>> filename (eg. .myfile.txt) and renaming it at the end of the transfer 
>>> (mv .myfile.txt myfile.txt)
>>>
>>> What do you think about this?
>> Why not have PROCA use inotify?
>>
>> See /usr/src/linux/Documentation/filesystems/inotify.txt
> 
> How does that address the race condition? inotify is just a better poll in
> this case. It doesn't even tell you how many processes have an open
> descriptor.
[snip]
> The only real answer, in this case, for race free, provably correct
> behavior, is to hack up sftp. OTOH, if "good enough" is sufficient, you're
> probably already there.

Most systems have fuser. PROCA could either shell out to fuser or do
whatever fuser does on your target platform. This doesn't protect you if
the sftp/scp gets killed, but it comes closer.

An even better option is to do the transfer using tunneled rsync, which
does a HiddenStore-type thing on its own.

Not that I'm against the HiddenStore option. But I don't see why it's
really necessary for this particular case.

-- 
Jefferson Ogata <Jefferson.Ogata@noaa.gov>
NOAA Computer Incident Response Team (N-CIRT) <ncirt@noaa.gov>
"Never try to retrieve anything from a bear."--National Park Service
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: HiddenStore option may be useful, Daniel Kahn Gillmor
Next by Date:  Re: HiddenStore option may be useful, Jason
Previous by Thread:  Re: HiddenStore option may be useful, William Ahern
Next by Thread:  Re: HiddenStore option may be useful, Jason
Indexes:  [Date] [Thread] [Top] [All Lists]