Hi Paul, First of all thanks for the exceptionally quick response & fix. The mode of the file system isn't so much a security feature but a reflection of its functionality: As you drop files into a particular area, they are moved somewhere else under the hood by the fuse. But given what you are saying about expecting issues like this with more tools, I may actually make directories readable to avoid issues.
You did get my name ever so slightly wrong in the patch, but if that's already committed, then don't bother with it. Cheers, Seb On 23 September 2015 at 15:09, Paul Eggert <[email protected]> wrote: > Sebastian Unger wrote: > >> Why is it trying to open the directory >> in the first place? >> > > Security. > > Apparently POSIX doesn't allow this level of paranoia for mkdir -p, so I > removed it in the attached Gnulib patch, and this should appear in the next > coreutils release. > > A filesystem that doesn't let you read your own directory that you just > created is likely to run into other problems like this -- i.e., the > practice may introduce more security problems than it closes. But I > digress. >
