fchmodat(AT_SYMLINK

bug-gnulib

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

fchmodat(AT_SYMLINK_NOFOLLOW)

From:	Eric Blake
Subject:	fchmodat(AT_SYMLINK_NOFOLLOW)
Date:	Wed, 9 Aug 2017 11:03:18 -0500
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1

glibc's current implementation of fchmodat() is non-compliant when
AT_SYMLINK_NOFOLLOW is used.  qemu just recently rediscovered what musl
libc has already known for three years: on kernels new enough to support
O_PATH, you can get a race-free implementation that supports
AT_SYMLINK_NOFOLLOW even without kernel support of the proposed
fchmodat2() syscall, by using fstat() to double-check whether the
open(O_PATH) name is a symlink, before using chmod(/proc/self/fd/nnn) to
change the mode without a race.

Are we interested in improving gnulib's fchmodat() module to implement
this workaround?

musl libc also claims that with Linux' O_PATH, it is possible to
implement POSIX-compliant O_SEARCH/O_EXEC fds.

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

fchmodat(AT_SYMLINK_NOFOLLOW), Eric Blake <=
- Re: fchmodat(AT_SYMLINK_NOFOLLOW), Paul Eggert, 2017/08/09

Prev by Date: Re: [PATCH 4/6] fts: cache dirent_inode_sort_may_be_useful too
Next by Date: Re: fchmodat(AT_SYMLINK_NOFOLLOW)
Previous by thread: Re: [PATCH 4/6] fts: cache dirent_inode_sort_may_be_useful too
Next by thread: Re: fchmodat(AT_SYMLINK_NOFOLLOW)
Index(es):
- Date
- Thread