Date: Mon, 26 Jun 2000 02:45:44 -0700 From: Peter Wemm <peter@netplex.com.au> To: Warner Losh <imp@village.org> Cc: netch@lucky.net, freebsd-security@FreeBSD.ORG Subject: Re: O_NOFOLLOW Message-ID: <20000626094544.AEE461CD7@overcee.netplex.com.au> In-Reply-To: Message from Warner Losh <imp@village.org> of "Sun, 25 Jun 2000 20:48:05 MDT." <200006260248.UAA14432@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh wrote: > In message <20000613152211.B42067@lucky.net> Valentin Nechayev writes: > : O_NOFOLLOW flag for open() syscall exists since 3.0-CURRENT and is quite > : useful for secure open, but is not documented in open(2) man page yet. > : Do FreeBSD team have its disclosing in plans? > > I'm not sure that it works from userland. At least that's what I > recall from testing at one point... The original issue was what to do if you actually got a symlink. In the original implementation, you could open/read/write the symlink itself, but there were some pretty evil constraints. As I recall, the currently committed code will let you open a symlink but not read or write it. If you are intending to use it in a security role, you still need to fstat it to make sure it is the file you intended and not a handle on some symlink. This should be documented somehere.. It does not return EISLINK or something like that when pointed at a symlink. Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000626094544.AEE461CD7>