I made symbolic links “ln -s /etc/ssl/cert.pem <some file>”. I used the
realpath command and it worked in the software I submitted.

On Thu, Jun 4, 2020 at 11:06 AM Theo de Raadt <[email protected]> wrote:

> No.
>
> I'm guessing you don't understand symbolic links.
>
> Look, this is a waste of time.
>
>
> Luke Small <[email protected]> wrote:
>
> > In the case of 10000 URLs couldn’t you at least merely unveil “./” as “cw”;
> > make any specified cafile/capath including shortcut resolution as “r”
> > (perhaps with the shell “x”) so that at worst, current directory files
> > could be overwritten, but not read?
> >
> > On Wed, Jun 3, 2020 at 10:39 AM Theo de Raadt <[email protected]> wrote:
> >
> > > You really don't get it.
> > >
> > > +                       unveil_list = calloc(2 * argc, sizeof(char*));
> > >
> > > Imagine argc is 10000.
> > >
> > > +                       for (i = 2 * argc - 2; i >= 0; i -= 2) {
> > > +                               if (unveil_list[i]) {
> > > +                                       if (unveil(unveil_list[i],
> "r") ==
> > > -1)
> > > ...
> > > +                               if (unveil_list[i | 1]) {
> > > +                                       if (unveil(unveil_list[i | 1],
> > > "cw") == -1)
> > > +                                               err(1, "unveil");
> > > ...
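Review bot: in the loop over unveil_list, the number of unveil() calls grows with argc (one "r" and one "cw" call per pair of slots), and the visible "cw" failure path is err(1, "unveil"), so reaching the per-process limit (the E2BIG case quoted below) terminates the program before any transfer starts. The set of unveiled paths should have a fixed upper bound that does not depend on how many arguments are given, and the change should document that bound.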
> > >
> > >
> > >      E2BIG              The addition of path would exceed the per-process
> > >                         limit for unveiled paths.
> > >
> > >
> > > Great, under fairly normal usage ftp aborts with an error.
> > >
> > > Since you start with up to 8 others, it looks like this limit is easily
> > > hit at around 120 filenames.
> > >
> > > So ftp simply fails to perform the task it is designed for.
> > >
> > > Your proposal is to break the command.
> > >
> > > --
> > -Luke
> >
>
-- 
-Luke
