On 02/10/2015 06:37 PM, Rich Felker wrote:
> On Tue, Feb 10, 2015 at 01:47:01AM -0600, Rob Landley wrote:
>> rapidly respond to arbitrary file creation ala inotify, we're toast. So
>> the attack vector would be... saturating the namespace with symlinks?
>> (It'd be really nice if O_NOFOLLOW was more generally applicable, but
>> we've had that fight. Also the posix function is specified NOT to use
>> O_NOFOLLOW. So let's assume symlink attacks are doable here and somehow
>> useful even with O_EXCL, creating the file at a known location you can
>> spin to check for or something.)
>
> Which POSIX function is specified not to use O_NOFOLLOW?

faccessat() for starters. :) Makes me a touch reluctant to give it much
credence anywhere else after that mess.

Rob
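
As an added illustration (not part of the original message and not toybox code), this C program shows how open() treats a symlink planted at a predictable name under the flags named in the thread: plain O_CREAT follows the link, O_CREAT|O_EXCL fails with EEXIST even when the link dangles, and O_NOFOLLOW fails with ELOOP. The function name and the scratch paths under /tmp are assumptions made for the demo.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* mkdtemp, symlink, O_NOFOLLOW */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Plant a symlink at the name a program is about to open, call open() on
 * that name with `flags`, and return 0 if open() succeeded, errno if it
 * failed, or -1 if the scratch setup failed. With target_exists == 0 the
 * link dangles. All paths are constructed for this demo. */
int open_over_symlink(int flags, int target_exists)
{
    char dir[] = "/tmp/symdemo.XXXXXX";
    char target[64], name[64];
    int fd, result;

    if (!mkdtemp(dir))
        return -1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(name, sizeof name, "%s/predictable", dir);
    if (target_exists && (fd = open(target, O_WRONLY | O_CREAT, 0600)) >= 0)
        close(fd);
    if (symlink(target, name) != 0) {
        result = -1;
    } else {
        fd = open(name, flags, 0600);
        result = fd < 0 ? errno : 0;
        if (fd >= 0)
            close(fd);
    }
    unlink(name);
    unlink(target);   /* may have been created through the link */
    rmdir(dir);
    return result;
}

int main(void)
{
    printf("O_CREAT, dangling link:        %d\n", open_over_symlink(O_WRONLY | O_CREAT, 0));
    printf("O_CREAT|O_EXCL, dangling link: %d\n", open_over_symlink(O_WRONLY | O_CREAT | O_EXCL, 0));
    printf("O_CREAT|O_EXCL, live link:     %d\n", open_over_symlink(O_WRONLY | O_CREAT | O_EXCL, 1));
    printf("O_NOFOLLOW, live link:         %d\n", open_over_symlink(O_WRONLY | O_NOFOLLOW, 1));
    return 0;
}
```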