On Wed, 9 Aug 2017 10:59:46 -0500 Eric Blake <ebl...@redhat.com> wrote:
> On 08/09/2017 10:22 AM, Greg Kurz wrote: > > >>> > >>> The solution is to use O_PATH: openat() now succeeds in both cases, and we > >>> can ensure the path isn't a symlink with fstat(). The associated entry in > >>> "/proc/self/fd" can hence be safely passed to the regular chmod() > >>> syscall. > >> > >> Hey - should we point this out as a viable solution to the glibc folks, > >> since their current user-space emulation of AT_SYMLINK_NOFOLLOW is broken? > >> > > > > Probably. What's the best way to do that ? > > I've added a comment to > https://sourceware.org/bugzilla/show_bug.cgi?id=14578; you'll also want > to point to the lkml discussion in that bug. And reading that bug, it > also looks like your hack with /proc/self/fd has been proposed by Rich > Felker since 2013! (although fstat() didn't work until Linux 3.6, even > though O_PATH predates that time) - so there is that one additional > concern of whether we need to cater to the window of kernels where > O_PATH exists but fstat() on that fd can't learn whether we opened a > symlink. > BTW, what happens with fstat() and O_PATH before Linux 3.6 ? Does it fail or does it return something wrong in th stat buf ?
Description: OpenPGP digital signature