From owner-freebsd-current@FreeBSD.ORG  Mon Mar 31 17:23:25 2008
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: current@FreeBSD.ORG
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9B692106566C
	for <current@FreeBSD.ORG>; Mon, 31 Mar 2008 17:23:24 +0000 (UTC)
	(envelope-from kostikbel@gmail.com)
Received: from relay01.kiev.sovam.com (relay01.kiev.sovam.com [62.64.120.200])
	by mx1.freebsd.org (Postfix) with ESMTP id 85F998FC13
	for <current@FreeBSD.ORG>; Mon, 31 Mar 2008 17:23:24 +0000 (UTC)
	(envelope-from kostikbel@gmail.com)
Received: from [212.82.216.226] (helo=skuns.kiev.zoral.com.ua)
	by relay01.kiev.sovam.com with esmtps (TLSv1:AES256-SHA:256)
	(Exim 4.67) (envelope-from <kostikbel@gmail.com>) id 1JgNj6-0004dV-Fc
	for current@FreeBSD.ORG; Mon, 31 Mar 2008 20:23:23 +0300
Received: from deviant.kiev.zoral.com.ua (root@deviant.kiev.zoral.com.ua
	[10.1.1.148])
	by skuns.kiev.zoral.com.ua (8.14.2/8.14.2) with ESMTP id m2VHNPHQ087502
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <current@FreeBSD.ORG>; Mon, 31 Mar 2008 20:23:25 +0300 (EEST)
	(envelope-from kostikbel@gmail.com)
Received: from deviant.kiev.zoral.com.ua (kostik@localhost [127.0.0.1])
	by deviant.kiev.zoral.com.ua (8.14.2/8.14.2) with ESMTP id
	m2VHNEq9087828
	for <current@FreeBSD.ORG>; Mon, 31 Mar 2008 20:23:14 +0300 (EEST)
	(envelope-from kostikbel@gmail.com)
Received: (from kostik@localhost)
	by deviant.kiev.zoral.com.ua (8.14.2/8.14.2/Submit) id m2VHNETN087792
	for current@FreeBSD.ORG; Mon, 31 Mar 2008 20:23:14 +0300 (EEST)
	(envelope-from kostikbel@gmail.com)
X-Authentication-Warning: deviant.kiev.zoral.com.ua: kostik set sender to
	kostikbel@gmail.com using -f
Date: Mon, 31 Mar 2008 20:23:14 +0300
From: Kostik Belousov <kostikbel@gmail.com>
To: current@FreeBSD.ORG
Message-ID: <20080331172314.GO21209@deviant.kiev.zoral.com.ua>
References: <20080331153006.GK21209@deviant.kiev.zoral.com.ua>
	<20080331163747.GA5468@zim.MIT.EDU>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="vDEbda84Uy/oId5W"
Content-Disposition: inline
In-Reply-To: <20080331163747.GA5468@zim.MIT.EDU>
User-Agent: Mutt/1.4.2.3i
X-Virus-Scanned: ClamAV version 0.91.2,
	clamav-milter version 0.91.2 on skuns.kiev.zoral.com.ua
X-Virus-Status: Clean
X-Spam-Status: No, score=-4.4 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00
	autolearn=ham version=3.2.4
X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on
	skuns.kiev.zoral.com.ua
X-Scanner-Signature: 1118cf21f7425d415ed61e91afc5cb63
X-DrWeb-checked: yes
X-SpamTest-Envelope-From: kostikbel@gmail.com
X-SpamTest-Group-ID: 00000000
X-SpamTest-Info: Profiles 2532 [Mar 31 2008]
X-SpamTest-Info: helo_type=3
X-SpamTest-Info: {received from trusted relay: not dialup}
X-SpamTest-Method: none
X-SpamTest-Method: Local Lists
X-SpamTest-Rate: 0
X-SpamTest-Status: Not detected
X-SpamTest-Status-Extended: not_detected
X-SpamTest-Version: SMTP-Filter Version 3.0.0 [0255], KAS30/Release
Cc: 
Subject: Re: Openat() and fexecve() committed
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Mar 2008 17:23:25 -0000


--vDEbda84Uy/oId5W
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Mar 31, 2008 at 12:37:47PM -0400, David Schultz wrote:
> On Mon, Mar 31, 2008, Kostik Belousov wrote:
> > int main() {
> >    int dfd =3D open("/tmp/foo", O_RDONLY);
> >    int res;
> >   =20
> >    chmod("/tmp/foo", 0666);
> >   =20
> >    if (dfd !=3D -1) {
> >       res =3D openat(dfd, "bar", 0);
> >       printf("OPENAT returns: %d, errno: %s\n", res, strerror(errno));
> >    }
> >=20
> > }
> >=20
> > gives the error EACCESS on both Linux and FreeBSD, and succeeds on Sola=
ris.
> > The Solaris behaviour seems to be specified in the document cited above.
> > There are arguments in support of the both observed behaviour.
>=20
> Doesn't the latter behavior make it possible to bypass the usual
> permission checks on open("bar") via openat(AT_FDCWD, "bar")?
No, the point is that in the second case the permissions are checked
at the open() time, instead of the second case, where the permissions
are checked at the openat() time.

This is the same as open()ing some file, e.g., for read, and then revoking
the r bit from the vnode. You still can read the file given code did not
closed the filedescriptor.

--vDEbda84Uy/oId5W
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (FreeBSD)

iEYEARECAAYFAkfxHgEACgkQC3+MBN1Mb4hLcwCcCpVcdlQDkpSkplves3tZcsmb
ivgAoOnuX1FOnNZxY5/lh75gGPtheg9a
=QmML
-----END PGP SIGNATURE-----

--vDEbda84Uy/oId5W--