Various Berkeley DB interfaces take a mode argument, intended to specify
the underlying file permissions for created files. Berkeley DB currently ignores
this argument on Windows systems.

It would be possible to construct a set of security attributes to pass to
CreateFile that accurately represents the mode. In the worst
case, this would involve looking up the user and all group names and creating
an entry for each. Alternatively, we could call the _chmod
(partial emulation) function after file creation, although this leaves us
with an obvious race: the file exists with default permissions between
creation and the _chmod call.
Practically speaking, however, these efforts would be largely meaningless
on FAT, the most common file system, which only has a "readable" and
"writeable" flag, applying to all users.
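
As an added illustration of the first approach (not Berkeley DB code), the sketch below maps a mode onto a DACL written in SDDL. The helper name mode_to_sddl, the caller-supplied owner and group SID strings, and the simplified mapping of r/w/x to FR/FW/FX are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Append one allow ACE granting the rwx bits in `bits` (0-7) to `sid`.
 * FR/FW/FX are the SDDL names for FILE_GENERIC_READ/WRITE/EXECUTE. */
static int add_ace(char *out, size_t cap, unsigned bits, const char *sid)
{
    char ace[128];
    int n;

    if (bits == 0)
        return 0;                   /* no rights: emit no ACE for this class */
    n = snprintf(ace, sizeof ace, "(A;;%s%s%s;;;%s)",
                 (bits & 4) ? "FR" : "", (bits & 2) ? "FW" : "",
                 (bits & 1) ? "FX" : "", sid);
    if (n < 0 || (size_t)n >= sizeof ace || strlen(out) + (size_t)n >= cap)
        return -1;
    strcat(out, ace);
    return 0;
}

/* Hypothetical helper (not a Berkeley DB function): build a protected DACL
 * in SDDL from a POSIX mode. Returns 0, or -1 if the mode cannot be
 * expressed with allow ACEs alone or `out` is too small. */
int mode_to_sddl(unsigned mode, const char *owner_sid, const char *group_sid,
                 char *out, size_t cap)
{
    unsigned u = (mode >> 6) & 7, g = (mode >> 3) & 7, o = mode & 7;

    /* Allow ACEs accumulate, so a class can never end up with fewer rights
     * than a broader one; refuse modes such as 0604 rather than widen them. */
    if ((o & ~g) || (g & ~u) || cap < 4)
        return -1;
    strcpy(out, "D:P");             /* P: protected, no inherited ACEs */
    if (add_ace(out, cap, u, owner_sid) || add_ace(out, cap, g, group_sid) ||
        add_ace(out, cap, o, "WD")) /* WD: Everyone */
        return -1;
    return 0;
}

int main(void)
{
    char sddl[256];
    /* Constructed SIDs, for illustration only. */
    if (mode_to_sddl(0640, "S-1-5-21-1-2-3-1001", "S-1-5-21-1-2-3-513",
                     sddl, sizeof sddl) == 0)
        puts(sddl);
    return 0;
}
```

On Windows the string would be converted with ConvertStringSecurityDescriptorToSecurityDescriptor and the descriptor placed in the SECURITY_ATTRIBUTES given to CreateFile, so the ACL is in place at creation and the _chmod race does not arise. It has an effect only on file systems that store ACLs, not on FAT.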

When using the DB_SYSTEM_MEM flag, Berkeley DB shared regions are
created without ACLs, which means that the regions are only accessible
to a single user. If wider sharing is appropriate (e.g., both user
applications and Windows/NT service applications need to access the
Berkeley DB regions), the Berkeley DB code will need to be modified to create the
shared regions with the correct ACLs. Alternatively, by not specifying
the DB_SYSTEM_MEM flag, file-system backed regions will be
created instead, and the permissions on those files may be directly
specified through the DBENV->open interface.

On Windows/9X, files opened by multiple processes do not share data
correctly. For this reason, the DB_SYSTEM_MEM flag is implied
for any application that does not specify the DB_PRIVATE flag,
causing the system paging file to be used for sharing data. However,
paging file memory is freed on last close, implying that multiple
processes sharing an environment must arrange for at least one process
to always have the environment open, or, alternatively, that any process
joining the environment be prepared to re-create it. If a shared
environment is closed by all processes, a subsequent open without
specifying the DB_CREATE flag will result in the return of a
system EAGAIN error code.