[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Windows XP "Access denied" svn_io_rename

From: <rbb_at_rkbloom.net>
Date: 2003-10-27 18:53:52 CET

On Mon, 27 Oct 2003, [UTF-8] Branko Čibej wrote:

> Luke Blanshard wrote:
>
> > Branko Čibej wrote:
> >
> >> Luke Blanshard wrote:
> >>
> >>
> >>> It is of course a pity that Windows doesn't share Unix's approach to
> >>> atomicity in the filesystem.
> >>>
> >>
> >> The operation that's failing isn't atomic on Unix, either...
> >>
> > Really? The operation that's failing is a rename -- isn't it? That's
> > (at least usually) atomic on Unix -- right?
>
> No, the operation that's failing is "write temp+delete orig+rename temp
> to orig", which is not atomic on any system I know of. Rename itself is
> atomic on Windows, but it fails because another proces opens (and
> implicitly locks) the file between the close after the write and the rename.
>
> Which suggests a simple solution, using the following (Windows-specific)
> algorithm:
>
> 1. open temp (no sharing)
> 2. write contents to temp
> 3. delete orig
> 4. rename temp to orig
> 5. close temp
>
> This would prevent virus scanners etc. from grabbing our file between
> the close and the rename. Unfortunately we can't do that with the
> functionality offered by APR. We'd have to introduce a new function with
> a Win32-specific implementation, yuck.

Or, you could "fix" APR in a strange way. :-)

I have always hated the APR security model, because I couldn't figure out
how to abstract permissions between Unix and Windows. I actually
originally stated that the APR security stuff was just supposed to be
temporary, but nobody could come up with a good solution. However, you
can fix this. Currently the Windows implementation of apr_open completely
ignores the perm flag. That is really very bogus. That perm flag (the
last time I checked) is just a direct map of Unix permissions (ie user
read, user write, user exec, group read, group write, etc).

If apr_open on Windows is taught to respect the group and world
permissions, this problem can be solved. Currently apr_open on Windows
always opens everything share_read and share_write. This should be
conditional based on group/world permissions (least permissive wins).

For example:

        group perms world perms share_mode
           7 0 0
           7 7 SHARE_READ | SHARE_WRITE
           5 4 SHARE_READ

and so on.

If you make this change, you can solve this bug with straight APR calls.

Ryan

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Oct 27 18:56:26 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.