On 05/08/2012 12:38 PM, Samuel Thibault wrote: > Hello, > > (From http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670478 ) > > cp/parent-perm-race tries to copy a fifo with the --copy-contents > option. The problem is that cp still uses O_NOFOLLOW in that case, > strace shows: > > open("mode/fifo", O_RDONLY|O_NOFOLLOW) > > O_NOFOLLOW is actually normally meant for security, to avoid attacks > through symlink redirection. In that case, the Hurd thus disables > translators too, to avoid any rogue translator that would achieve the > same kind attack as symlink redirection. But then --copy-contents can > not work, since the fifo thus can not work (it's a translator that > implements it). I don't think either the Hurd or coreutils will want to > change their behavior, so could the test be disabled on GNU/Hurd?
I can't help but think that Hurd is broken for disabling fifos, since POSIX is quite clear that O_NOFOLLOW has no effect on any file type except symlinks. http://pubs.opengroup.org/onlinepubs/9699919799/functions/open.html O_NOFOLLOW If path names a symbolic link, fail and set errno to [ELOOP]. I wouldn't object to yet another O_* flag that can be used to disable translators, but don't see how breaking POSIX semantics of a FIFO just because O_NOFOLLOW was used is warranted. -- Eric Blake [email protected] +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
