summary refs log tree commit diff
path: root/manual/filesys.texi
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>1996-09-28 03:24:10 +0000
committerUlrich Drepper <drepper@redhat.com>1996-09-28 03:24:10 +0000
commitd68171edce96cb59b5cb869f6a82afcc50db00be (patch)
treef149db9027e600965c482e090c29bd058eea3454 /manual/filesys.texi
parentc40298232a7ed3fb1b64eb4ffe352829deb79694 (diff)
downloadglibc-d68171edce96cb59b5cb869f6a82afcc50db00be.tar.gz
glibc-d68171edce96cb59b5cb869f6a82afcc50db00be.tar.xz
glibc-d68171edce96cb59b5cb869f6a82afcc50db00be.zip
update from main archive 960927 cvs/libc-961001 cvs/libc-960929 cvs/libc-960928
Sat Sep 28 03:02:49 1996  Ulrich Drepper  <drepper@cygnus.com>
	* dirent/Makefile (routines): Add readdir_r.
	* dirent/readdir_r.c: New file.  Wrapper around readdir.c.
	* dirent/dirent.h: Add prototype for readdir_r.
	* misc/hsearch_r.c (ENTRY): Make field `used' of type `unsigned int'
	to prevent warnings.
	* sysdeps/unix/sysv/linux/getsysstats.c (get_proc_path):
 	Initialize `result'.

Sat Sep 28 01:16:42 1996  Ulrich Drepper  <drepper@cygnus.com>

	* sysdeps/generic/strsep.c: Rename to __strsep and make strsep
	weak alias.
	* string/string.h: Add prototype for __strsep.
	* misc/mntent_r.c: Use __strsep instead of strsep to keep
	namespace clean.

	* sysdeps/stub/nanosleep.c: Rename to __libc_nanosleep and make
	__nanosleep and nanosleep weak aliases.
	* sysdeps/unix/sysv/linux/syscalls.list: Add __nanosleep as weak
	alias.
	* sysdeps/unix/sysv/linux/sleep.c: Call __nanosleep instead of
	nanosleep to keep namespace clean.

	* sysdeps/posix/ttyname.c (ttyname): Add cast to prevent warning.
	* sysdeps/posix/ttyname_r.c (ttyname_r): Likewise.
	* sysdeps/posix/getcwd.c (__getcwd): Likewise.

	* sysdeps/unix/nlist.c: Use ISO C definition since we don't always
	have prototype.

	* login/Makefile (headers): Add pty.h.
	* login/pty.h: New file.
	* sysdeps/generic/pty.h: Include <pty.h>.
	* login/pututline_r.c: Add cast to prevent warning.

	* gmon/gmon.c: Add prototype for __profile_frequency.
	(monstartup): Add cast to prevent warning.
	* sysdeps/generic/prof-freq.c: Change to use ISO C style definition.

	* locale/programs/ld-time.c (time_output): Write `era' information
	in correct order.

Sat Sep 28 00:11:08 1996  Ulrich Drepper  <drepper@cygnus.com>

	* sysdeps/unix/sysv/linux/syscalls.list: Add weak alias
	`adjtimex'.
	Set caller for mlock, mlockall, mremap, munlock, and munlockall
	to EXTRA.
	Reported by Matthias Urlichs <smurf@smurf.noris.de>.

1996-09-27  Paul Eggert  <eggert@twinsun.com>

	* strftime.c (strftime): Output incomplete formats like %E
	at end of string.

1996-09-27  Paul Eggert  <eggert@twinsun.com>

	* strftime.c (strftime): Add support for %EC and %Ey.
	Fix support for %EY.  This uses the new _nl_get_era_entry function.

Fri Sep 27 14:12:27 1996  Ulrich Drepper  <drepper@cygnus.com>

	Security related patch by Elliot Lee <sopwith@redhat.com> and
	David Holland <dholland@eecs.harvard.edu>.

	* inet/rexec.c (rexec): Increase size of `num' array from 8 to 32.
	* inet/ruserpass.c (ruserpass): Don't allow $HOME envvar to not exist.

	* sysdeps/generic/getenv.c (__secure_getenv): New function.  Return
	NULL when programs runs with SUID or SGID enabled.
	* sysdeps/stub/getenv.c: Make __secure_getenv an alias of getenv.
	* stdlib/stdlib.h: Add prototype for __secure_getenv.

	* locale/setlocale.c: Use __secure_getenv.
	* resolv/res_init.c: Likewise.
	* resolv/res_query.c: Likewise.
	* inet/ruserpass.c: Likewise.
	* sysdeps/posix/tempname.c: Likewise.
	* malloc/mtrace.c: Likewise.
	* catgets/catgets.c: Likewise.

	Make temporary file handling functions reentrant.

	* stdio-common/tmpnam.c: Rewrite to have own buffer to write
	result to.  The called __stdio_gen_tempname function must be
	thread safe.
	* stdio-common/tmpnam_r.c: New file.
	* stdio/stdio.h: Add prototype for `tmpnam_r'.
	Change prototype for __stdio_gen_tempname.
	* stdio/libio.h: Likewise.
	* sysdeps/posix/tempname.c: Add new parameters and use them instead
	of static buffer.
	Don't reset `indeces' when PID changed between calls.
	Don't fail for long running programs when index counter once
	reached the limit.
	* sysdeps/stub/tempname.c: Likewise.
	* stdio-common/tempnam.c: Provide local buffer as extra argument
	to __stdio_gen_tempname.  This makes this function reentrant.
	* stdio-common/tmpfile.c: Likewise.
	* stdio-common/temptest.c: Provide extra argument to
	__stdio_gen_tempname.
	* manual/filesys.texi: Describe tmpnam_r and add comments about
	reentrancy of the functions.

	* inet/rcmd.c: Fixed address length handling.

	* sysdeps/posix/mk-stdiolim.c: Count final \0 byte in L_tmpnam value.

	* time/strftime.c: Remove unused variables alt_digits and
 	end_alt_digits.

	* sysdeps/unix/sysv/linux/sys/sysinfo.h: Correct prototype names
	for get_nprocs and get_nprocs_conf.
	* sysdeps/generic/sys/sysinfo.h: Likewise.

	* stdlib/test-canon.c: Finally do the right fix.

	* misc/Makefile: Only compile force-wrapper when compiling
	reentrant libc.
Diffstat (limited to 'manual/filesys.texi')
-rw-r--r--manual/filesys.texi77
1 files changed, 48 insertions, 29 deletions
diff --git a/manual/filesys.texi b/manual/filesys.texi
index d2afe8623f..e269663e70 100644
--- a/manual/filesys.texi
+++ b/manual/filesys.texi
@@ -261,7 +261,7 @@ are declared in the header file @file{dirent.h}.
 @comment dirent.h
 @comment POSIX.1
 @deftp {Data Type} DIR
-The @code{DIR} data type represents a directory stream.  
+The @code{DIR} data type represents a directory stream.
 @end deftp
 
 You shouldn't ever allocate objects of the @code{struct dirent} or
@@ -333,7 +333,7 @@ The @var{dirstream} argument is not valid.
 @comment POSIX.1
 @deftypefun int closedir (DIR *@var{dirstream})
 This function closes the directory stream @var{dirstream}.  It returns
-@code{0} on success and @code{-1} on failure.  
+@code{0} on success and @code{-1} on failure.
 
 The following @code{errno} error conditions are defined for this
 function:
@@ -443,7 +443,7 @@ following @code{errno} error conditions are defined for this function:
 @item EACCES
 You are not allowed to write the directory in which the new link is to
 be written.
-@ignore 
+@ignore
 Some implementations also require that the existing file be accessible
 by the caller, and use this error to report failure for that reason.
 @end ignore
@@ -627,7 +627,7 @@ The function @code{unlink} is declared in the header file @file{unistd.h}.
 
 This function returns @code{0} on successful completion, and @code{-1}
 on error.  In addition to the usual file name errors
-(@pxref{File Name Errors}), the following @code{errno} error conditions are 
+(@pxref{File Name Errors}), the following @code{errno} error conditions are
 defined for this function:
 
 @table @code
@@ -672,7 +672,7 @@ are two additional @code{errno} error conditions defined for
 @table @code
 @item ENOTEMPTY
 @itemx EEXIST
-The directory to be deleted is not empty.  
+The directory to be deleted is not empty.
 @end table
 
 These two error codes are synonymous; some systems use one, and some use
@@ -851,20 +851,20 @@ This section contains information about how you can inquire about and
 modify these attributes of files.
 
 @menu
-* Attribute Meanings::          The names of the file attributes, 
+* Attribute Meanings::          The names of the file attributes,
                                  and what their values mean.
 * Reading Attributes::          How to read the attributes of a file.
 * Testing File Type::           Distinguishing ordinary files,
-                                 directories, links... 
+                                 directories, links...
 * File Owner::                  How ownership for new files is determined,
 			         and how to change it.
 * Permission Bits::             How information about a file's access
-                                 mode is stored. 
+                                 mode is stored.
 * Access Permission::           How the system decides who can access a file.
 * Setting Permissions::         How permissions for new files are assigned,
 			         and how to change them.
 * Testing File Access::         How to find out if your process can
-                                 access a file. 
+                                 access a file.
 * File Times::                  About the time attributes of a file.
 @end menu
 
@@ -1079,7 +1079,7 @@ a socket, and so on.  For information about the access permission,
 @ref{Permission Bits}.
 
 There are two predefined ways you can access the file type portion of
-the file mode.  First of all, for each type of file, there is a 
+the file mode.  First of all, for each type of file, there is a
 @dfn{predicate macro} which examines a file mode value and returns
 true or false---is the file of that type, or not.  Secondly, you can
 mask out the rest of the file mode to get just a file type code.
@@ -1260,7 +1260,7 @@ bits may not be appropriate for the new owner.)  The other file
 permission bits are not changed.
 
 The return value is @code{0} on success and @code{-1} on failure.
-In addition to the usual file name errors (@pxref{File Name Errors}), 
+In addition to the usual file name errors (@pxref{File Name Errors}),
 the following @code{errno} error conditions are defined for this function:
 
 @table @code
@@ -1421,7 +1421,7 @@ This is equivalent to @samp{(S_IROTH | S_IWOTH | S_IXOTH)}.
 @comment POSIX
 @item S_ISUID
 @vindex S_ISUID
-This is the set-user-ID on execute bit, usually 04000. 
+This is the set-user-ID on execute bit, usually 04000.
 @xref{How Change Persona}.
 
 @comment sys/stat.h
@@ -1462,7 +1462,7 @@ arose since the last run.
 
 On some modern systems where the sticky bit has no useful meaning for an
 executable file, you cannot set the bit at all for a non-directory.
-If you try, @code{chmod} fails with @code{EFTYPE}; 
+If you try, @code{chmod} fails with @code{EFTYPE};
 @pxref{Setting Permissions}.
 
 Some systems (particularly SunOS) have yet another use for the sticky
@@ -1527,7 +1527,7 @@ The bits that are set in the file creation mask identify permissions
 that are always to be disabled for newly created files.  For example, if
 you set all the ``other'' access bits in the mask, then newly created
 files are not accessible at all to processes in the ``other''
-category, even if the @var{mode} argument specified to the creation 
+category, even if the @var{mode} argument specified to the creation
 function would permit such access.  In other words, the file creation
 mask is the complement of the ordinary access permissions you want to
 grant.
@@ -1671,7 +1671,7 @@ files off-limits to ordinary users---for example, to modify
 @file{/etc/passwd}.  Programs designed to be run by ordinary users but
 access such files use the setuid bit feature so that they always run
 with @code{root} as the effective user ID.
- 
+
 Such a program may also access files specified by the user, files which
 conceptually are being accessed explicitly by the user.  Since the
 program runs as @code{root}, it has permission to access whatever file
@@ -1776,7 +1776,7 @@ Argument that means, test for existence of the file.
 Each file has three timestamps associated with it:  its access time,
 its modification time, and its attribute modification time.  These
 correspond to the @code{st_atime}, @code{st_mtime}, and @code{st_ctime}
-members of the @code{stat} structure; see @ref{File Attributes}.  
+members of the @code{stat} structure; see @ref{File Attributes}.
 
 All of these times are represented in calendar time format, as
 @code{time_t} objects.  This data type is defined in @file{time.h}.
@@ -1832,7 +1832,7 @@ named @var{filename}.
 If @var{times} is a null pointer, then the access and modification times
 of the file are set to the current time.  Otherwise, they are set to the
 values from the @code{actime} and @code{modtime} members (respectively)
-of the @code{utimbuf} structure pointed at by @var{times}.  
+of the @code{utimbuf} structure pointed at by @var{times}.
 
 The attribute modification time for the file is set to the current time
 in either case (since changing the timestamps is itself a modification
@@ -1938,12 +1938,14 @@ this file, you must remove the old file explicitly first.
 
 If you need to use a temporary file in your program, you can use the
 @code{tmpfile} function to open it.  Or you can use the @code{tmpnam}
-function make a name for a temporary file and then open it in the usual
-way with @code{fopen}.
+(better: @code{tmpnam_r}) function make a name for a temporary file and
+then open it in the usual way with @code{fopen}.
 
 The @code{tempnam} function is like @code{tmpnam} but lets you choose
 what directory temporary files will go in, and something about what
-their file names will look like.
+their file names will look like.  Important for multi threaded programs
+is that @code{tempnam} is reentrant while @code{tmpnam} is not since it
+returns a pointer to a static buffer.
 
 These facilities are declared in the header file @file{stdio.h}.
 @pindex stdio.h
@@ -1956,6 +1958,8 @@ calling @code{fopen} with mode @code{"wb+"}.  The file is deleted
 automatically when it is closed or when the program terminates.  (On
 some other ANSI C systems the file may fail to be deleted if the program
 terminates abnormally).
+
+This function is reentrant.
 @end deftypefun
 
 @comment stdio.h
@@ -1964,14 +1968,26 @@ terminates abnormally).
 This function constructs and returns a file name that is a valid file
 name and that does not name any existing file.  If the @var{result}
 argument is a null pointer, the return value is a pointer to an internal
-static string, which might be modified by subsequent calls.  Otherwise,
-the @var{result} argument should be a pointer to an array of at least
-@code{L_tmpnam} characters, and the result is written into that array.
-
-It is possible for @code{tmpnam} to fail if you call it too many times.
-This is because the fixed length of a temporary file name gives room for
-only a finite number of different names.  If @code{tmpnam} fails, it
-returns a null pointer.
+static string, which might be modified by subsequent calls and therefore
+makes this function non-reentrant.  Otherwise, the @var{result} argument
+should be a pointer to an array of at least @code{L_tmpnam} characters,
+and the result is written into that array.
+
+It is possible for @code{tmpnam} to fail if you call it too many times
+without removing previously created files.  This is because the fixed
+length of a temporary file name gives room for only a finite number of
+different names.  If @code{tmpnam} fails, it returns a null pointer.
+@end deftypefun
+
+@comment stdio.h
+@comment GNU
+@deftypefun {char *} tmpnam_r (char *@var{result})
+This function is nearly identical to the @code{tmpnam} function.  But it
+does not allow @var{result} to be a null pointer.  In the later case a
+null pointer is returned.
+
+This function is reentrant because the non-reentrant situation of
+@code{tmpnam} cannot happen here.
 @end deftypefun
 
 @comment stdio.h
@@ -2006,13 +2022,16 @@ prefix for the file name.  The return value is a string newly allocated
 with @code{malloc}; you should release its storage with @code{free} when
 it is no longer needed.
 
+Because the string is dynamically allocated this function is reentrant.
+
 The directory prefix for the temporary file name is determined by testing
 each of the following, in sequence.  The directory must exist and be
 writable.
 
 @itemize @bullet
 @item
-The environment variable @code{TMPDIR}, if it is defined.
+The environment variable @code{TMPDIR}, if it is defined.  For security
+reasons this only happens if the program is not SUID or SGID enabled.
 
 @item
 The @var{dir} argument, if it is not a null pointer.