Date: Thu, 23 Feb 2023 14:24:34 +0000
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 269780] O_RESOLVE_BENEATH succeeds on ".." on "/"
Message-ID: <bug-269780-227-gcfqLPN4lC@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-269780-227@https.bugs.freebsd.org/bugzilla/>
References: <bug-269780-227@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269780

--- Comment #2 from Dan Gohman <dev@sunfishcode.online> ---
For example, if I have a network file server using O_RESOLVE_BENEATH to ensure that I'm only serving files within a certain directory, and the directory contains directories like "bin", "etc", and similar, attackers could tell whether I'm serving up my actual root directory or just some other directory that has root-like contents.

If it is my actual root directory, that might help them learn about the version or configuration of the system the server is running on. It may also reveal that the server is running FreeBSD, since the Linux with RESOLVE_BENEATH implementation and the portable-but-slow implementation I have both fail in this situation.

--
You are receiving this mail because:
You are the assignee for the bug.
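A userspace resolver that fails the same way for every root directory, "/" included, is sketched below as an added example; it is not code from this bug report or from the commenter's implementation. The helper name `open_beneath` and the choice of `EXDEV` (the errno Linux `openat2()` returns for a `RESOLVE_BENEATH` escape) are assumptions, and the walk is not hardened against directories being renamed while it runs.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not a FreeBSD or Linux API): open `path` relative to
 * `rootfd` one component at a time, refusing to step above rootfd.
 * Returns a new fd, or -1 with errno set. */
int open_beneath(int rootfd, const char *path, int flags)
{
    char buf[4096];
    if (path[0] == '/') { errno = EXDEV; return -1; }   /* absolute path */
    if (strlen(path) >= sizeof buf) { errno = ENAMETOOLONG; return -1; }
    strcpy(buf, path);

    int cur = dup(rootfd);
    if (cur < 0)
        return -1;
    int depth = 0;                 /* how many directories below rootfd */
    char *save = NULL;
    char *comp = strtok_r(buf, "/", &save);
    while (comp != NULL) {
        char *next = strtok_r(NULL, "/", &save);
        if (strcmp(comp, "..") == 0) {
            /* The decision uses the depth counter, not the inode reached:
             * "/.." is "/" again, but it is still a step above rootfd. */
            if (depth == 0) { close(cur); errno = EXDEV; return -1; }
            depth--;
        } else if (strcmp(comp, ".") != 0) {
            depth++;
        }
        /* Intermediate components must be real directories; O_NOFOLLOW
         * rejects a symlink at every step, including the last. */
        int f = next ? (O_RDONLY | O_DIRECTORY) : flags;
        int fd = openat(cur, comp, f | O_NOFOLLOW | O_CLOEXEC);
        int saved = errno;
        close(cur);
        if (fd < 0) { errno = saved; return -1; }
        cur = fd;
        comp = next;
    }
    return cur;                    /* empty path yields a dup of rootfd */
}
```

Because the escape test is a counter rather than a comparison of the directory reached, a client probing with ".." gets the same error whether the served directory is "/" or any other tree.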