On 08/09/2017 10:22 AM, Greg Kurz wrote: >>> >>> The solution is to use O_PATH: openat() now succeeds in both cases, and we >>> can ensure the path isn't a symlink with fstat(). The associated entry in >>> "/proc/self/fd" can hence be safely passed to the regular chmod() syscall. >> >> Hey - should we point this out as a viable solution to the glibc folks, >> since their current user-space emulation of AT_SYMLINK_NOFOLLOW is broken? >> > > Probably. What's the best way to do that ?
I've added a comment to https://sourceware.org/bugzilla/show_bug.cgi?id=14578; you'll also want to point to the lkml discussion in that bug. And reading that bug, it also looks like your hack with /proc/self/fd has been proposed by Rich Felker since 2013! (although fstat() didn't work until Linux 3.6, even though O_PATH predates that time) - so there is that one additional concern of whether we need to cater to the window of kernels where O_PATH exists but fstat() on that fd can't learn whether we opened a symlink. -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3266 Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature
