[Samba] non-atomicity of MoveFile() and MoveFileEx() applied to a samba share
Joshua Hudson
joshudson at gmail.com
Thu Oct 4 19:45:31 UTC 2018
So I've long known there is a race condition involving MoveFile() and
MoveFileEx() where even without MOVEFILE_REPLACE_EXISTING, a file can
be moved onto an existing file, clobbering it.
I don't know if it's possible to actually fix this because I don't
know if there's enough information on in the CIFS protocol or not;
however the expectation of the programmer is this race condition does
not exist.
I used to think this was absolutely unfixable; however I noticed the
linux systemcall renameat2 has a flag RENAME_NOREPLACE to atomically
prevent clobbering an existing file. This means if the CIFS wire
protocol has enough information, this race condition can go away. If
the CIFS wire protocol doesn't have enough information I'd like to
know about it so I can file a documentation bug with MS.
More information about the samba
mailing list