[asterisk-bugs] [Asterisk 0010781]: [patch] Doesn't lock config files when writing

noreply at bugs.digium.com noreply at bugs.digium.com
Tue Sep 25 17:56:49 CDT 2007


A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=10781 
====================================================================== 
Reported By:                paravoid
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   10781
Category:                   Core/Configuration
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     ready for testing
Asterisk Version:           1.4.11  
SVN Branch (only for SVN checkouts, not tarball releases): N/A  
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             09-21-2007 00:48 CDT
Last Modified:              09-25-2007 17:56 CDT
====================================================================== 
Summary:                    [patch] Doesn't lock config files when writing
Description: 
Asterisk does not use flock() to lock configuration files when writing them
on config_text_file_save().

This was originally reported as Debian bug
http://bugs.digium.com/view.php?id=353227 by John Goerzen. In his
own words:
"It appears to not protect the file even against itself.  It certainly
doesn't use flock() to protect it against others.

This is a problem for several reasons.  First, of course, people can be
hand-editing the file to add or remove users.  Secondly, automated
programs may be appending data to it for the same purpose.

We've noticed corruption in our file and are almost certain that this is
the culprit."
====================================================================== 

---------------------------------------------------------------------- 
 Corydon76 - 09-25-07 17:56  
---------------------------------------------------------------------- 
tzafrir:  not quite sure how that's relevant.  This technique will prevent
corruption on Asterisk's behalf.  There isn't anything we can do to avoid
corruption by another utility. 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
09-25-07 17:56  Corydon76      Note Added: 0071092                          
======================================================================




More information about the asterisk-bugs mailing list