With support for ACLs in Mac OS X, there is a way to declare a file as writeable but non-deletable.
This poses a problem with atomic writes, since the current implementation of rename
in VFS delete
s a pre-existing target. If you have an existing file, which you have write privileges on, it is possible to be unable to atomically write to:
Simply attach an ACL that states deny delete
and an atomic write (like implemented by various Cocoa APIs — e.g. NSArray's writeToFile:atomically:
) will fail, while a non-atomic write will happily succeed.
Since my understanding of low-level C code is fairly limited:
Is an alternative implementation feasible with only minor (insert your favorite definition of "minor") headaches?
Thanks
Daniel
A viable alternative would seem to create the file in a temporary directory, then call
exchangedata
on both files. HFS exports theVOL_CAP_INT_EXCHANGEDATA
attribute, so that should work. The relevant checks in vfs_syscalls.c indicate that only read and write permissions are necessary for the call to succeed.