Re: [Qemu-devel] [for-2.10 PATCH v5] 9pfs: local: fix fchmodat_nofollow() limitations

On 08/10/2017 07:46 AM, Greg Kurz wrote: This function has to ensure it doesn't follow a symlink that could be used to escape the virtfs directory. This could be easily achieved if fchmodat() on linux honored the AT_SYMLINK_NOFOLLOW flag as described in POSIX, but it doesn't. There was a

[Qemu-devel] [for-2.10 PATCH v5] 9pfs: local: fix fchmodat_nofollow() limitations

This function has to ensure it doesn't follow a symlink that could be used to escape the virtfs directory. This could be easily achieved if fchmodat() on linux honored the AT_SYMLINK_NOFOLLOW flag as described in POSIX, but it doesn't. There was a tentative to implement a new fchmodat2() syscall