On Wed, Jan 04, 2017 at 03:23:45PM +0100, Martin Kletzander wrote:
On Wed, Jan 04, 2017 at 03:13:56PM +0100, Michal Privoznik wrote:
>Not that I'd encounter any bug here, but the code doesn't look
>100% correct. Imagine, somebody is trying to attach a device to a
>domain, and the device's /dev entry already exists in the qemu
>namespace. This is handled gracefully and the control continues
>with setting up ACLs and calling security manager to set up
>labels. Now, if any of these steps fail, control jumps to the
>'cleanup' label and unlink()s the file straight away. Even when it
>was not us who created the file in the first place. This can be
>possibly dangerous.
>
"Don't unlink non-existing files" or something similar would be enough,
I guess :)
I forgot to add, ACK.
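
The cleanup problem described in the quoted commit message, as an added example that is not part of the original thread or of the project's code: the rollback path removes the file only when this call created it. It assumes a regular file created with `open(O_CREAT | O_EXCL)` as a stand-in for the /dev entry so it runs unprivileged; `attach_node` and `setup_labels` are hypothetical names.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical stand-in for the ACL and security-label steps. */
static int setup_labels(const char *path, bool fail)
{
    (void)path;
    return fail ? -1 : 0;
}

/* Ensure path exists, then run the follow-up steps. On failure, remove
 * the file only if this call created it. Returns 0 or -1. */
int attach_node(const char *path, bool fail_labels)
{
    bool created = false;
    int ret = -1;
    int fd = open(path, O_CREAT | O_EXCL | O_WRONLY, 0600);

    if (fd >= 0) {
        created = true;          /* we own the file, so we may roll it back */
        close(fd);
    } else if (errno != EEXIST) {
        return -1;               /* real creation error, nothing to clean up */
    }

    if (setup_labels(path, fail_labels) < 0)
        goto cleanup;
    ret = 0;

 cleanup:
    if (ret < 0 && created)      /* an unconditional unlink() here is the bug */
        unlink(path);
    return ret;
}

int main(void)
{
    char path[] = "/tmp/attach_demo_XXXXXX";   /* constructed sample path */
    int fd = mkstemp(path);                    /* file exists before the attach */
    if (fd < 0)
        return 1;
    close(fd);
    int rc = attach_node(path, true);
    printf("rc=%d, pre-existing file kept: %s\n", rc, access(path, F_OK) == 0 ? "yes" : "no");
    unlink(path);
    return 0;
}
```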