This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: ~/.localtime ?
On Thu, Mar 29, 2012 at 9:57 AM, Andreas Jaeger <aj@suse.com> wrote:
> On Thursday, March 01, 2012 14:15:44 Roland McGrath wrote:
>> Running programs are not going to be reliably affected unless you
>> provoke them to call tzset or equivalent, anyway. ?Having things
>> stat'ing a file implicitly all the time just to see if it changed is
>> not viable because of the performance hit and unwanted exposure to
>> filesystem flakiness. ?So I don't think you can reasonably get what
>> you're after this way. ?Having things refer to a new file implicitly
>> has all sorts of other complications wrt security concerns and so on.
>
> Roland,
>
> To display the local time, functions call localtime - and that one invokes
> already tzset.
>
> AFAIU changing /etc/localtime changes already today the time of the desktop
> clocks running on a system, so my proposal would indeed add a second
> location - and we should stat ~/.localtime first and only stat
> /etc/localtime if ~/.localtime does not exist.
>
> I talked with our security guys - they came up with this proposal ;) - and
> I don't see a security concern here for displaying the users localtime.
I like the proposal, but I'd like to see it fleshed out in more detail.
Could you write something up on the wiki under
http://sourceware.org/glibc/wiki/#InternalsDocumentation, and
documenting the following:
* What files are involved e.g. ~/.localtime is new.
* Interfaces that would be affected.
* Use cases that would be affected.
* Use cases that break if any.
* Performance implications.
etc. etc.
Cheers,
Carlos.