how to restrict access of FIFO-pipes to two dedicated processes?

From: bine (sabine.hubrig-schaumburg_at_sungard.de)
Date: 04/16/04

  • Next message: Uri Raz: "TCP/IP Applications FAQ" 
    Date: 16 Apr 2004 07:40:08 -0700

    I want to use a pipe to directly zip data written out of a
    (MF-cobol-)programm, because the I/O for writing the amount of
    uncompressed data costs more time (at a special customer's
    configuration) than the CPU for the additional zipping...

    so I create the pipe with
    mknod MYPIPE p
    (in fact inside of the Cobolprogram by making a systemcall)

    I start the zipping with
    gzip -1 < MYPIPE > MYPIPE.gz &
    (equally from COB)

    and then I write into the pipe using this "file" MYPIPE for normal
    OPEN OUTPUT,
    when I CLOSE the file, the gzip is finished and the data is ok...

    BUT:
    if someone on purpose or by accident accesses the pipe in the meantime
    during my usage, there will be a lack of data, as this pipe is open to
    all usage as long as it "lives". Recuding the normal fileaccessrights
    (chmod go-rw ...) only reduces the problem but still gives a
    percentage of risk, as my user still can "steal" data by simply
    calling more, head, ... and receiving some bytes which were meant for
    the gzip.
    I tried this damage "successfully" on AIX 5.2 as well as on Linux
    (2.4.21-198-smp #1 SMP Thu Mar 11 17:56:49 UTC 2004 i686 unknown).

    I can't believe that there should be no command to restrict the
    access, but I fear it might be somewhere deep inside the coding of the
    operatingsystemcalls and not usable as simple shellscript-syntax?

  • Next message: Uri Raz: "TCP/IP Applications FAQ"

    Relevant Pages

    • Re: A pipe (was: Worst shift)
      ... pick up Arnos west and do UX> CK> AGw, ... Interesting usage! ... Do staff on other lines use "pipe" this way? ...
      (uk.transport.london)
    • A pipe (was: Worst shift)
      ... so a typical 4 pipe turn would be one that does pick up ... pick up Arnos west and do UX> CK> AGw, ... Interesting usage! ... Do staff on other lines use "pipe" this way? ...
      (uk.transport.london)
    • Re: [9fans] i/o on a hangup channel asymmetry
      ... in my pipe there was a problem and not all of the data went through): ... where the latter prints a "usage" message and quits. ... you want to make sure the previous commands in the pipeline stop, ... cpu% sleep 1000000 | sleep 1 ...
      (comp.os.plan9)
    • Re: help on reducing file size while having a readable format
      ... that there might be a way to achieve significant size reduction, ... Assuming that your program writes it's file to stdout, just pipe the ... To read the file back in, again pipe it through gzip or bzip2, ...
      (comp.os.linux.development.apps)
    • Re: Tool to take snapshot of current installation
      ... the unusued blocks as well, and doesn't allow copying the data to a ... before running 'dd' then pipe through gzip and the ...
      (comp.os.linux.setup)