James Carlson wrote:
>
> The part that tripped me up here was the double stat().  The actual
> code seems to use a "stat-opendir-fstat-fstat" pattern, where that
> first fstat is the "new" one, and is actually there just to dummy out
> the results from the second one.  (As a code review comment, it looks
> like this dummying-out could be done by way of a boolean_t rather than
> calling fstat() an extra time merely to overwrite &statb.)
>

Hmm, with the fstat() as shown in the code, I'd agree.

But what I'm proposing is to redo the stat() and still do the security
check. What if the directory had been moved? With autofs, this is very
unlikely. With nfs, it can happen. My intent is to provide a mechanism
to detect such edge conditions.
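
The re-check discussed in this thread, sketched as an added example that is not part of the original message or of the code under review: stat() the path, opendir() it, then fstat() the open descriptor and compare device and inode to detect a directory that was moved or replaced in between. The function names, return codes and the ownership/permission policy in `dir_is_trusted` are assumptions made for illustration; the thread does not say what the actual security check is.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for dirfd() */
#endif
#include <dirent.h>
#include <sys/stat.h>
#include <unistd.h>

/* Two stat results name the same object only if device and inode match. */
int same_object(const struct stat *a, const struct stat *b)
{
    return a->st_dev == b->st_dev && a->st_ino == b->st_ino;
}

/* Hypothetical policy (assumption): a directory owned by root or the
 * caller, and not writable by group or other. */
int dir_is_trusted(const struct stat *st)
{
    if (!S_ISDIR(st->st_mode))
        return 0;
    if (st->st_uid != 0 && st->st_uid != geteuid())
        return 0;
    return (st->st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* Returns 0 and sets *out on success, 1 if the path changed identity
 * between stat() and opendir(), 2 on policy failure, -1 on error. */
int open_dir_checked(const char *path, DIR **out)
{
    struct stat before, after;
    DIR *d;
    int rc = 0;

    if (stat(path, &before) != 0)
        return -1;
    if ((d = opendir(path)) == NULL)
        return -1;
    if (fstat(dirfd(d), &after) != 0)
        rc = -1;
    else if (!same_object(&before, &after))
        rc = 1;   /* moved or replaced after the first stat() */
    else if (!dir_is_trusted(&after))
        rc = 2;   /* policy is applied to the object actually opened */
    if (rc != 0) {
        closedir(d);
        return rc;
    }
    *out = d;
    return 0;
}
```

The policy check runs on the fstat() result rather than the earlier stat() result, so it describes the directory that will actually be read.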

