Re: [PATCH] fcntl-h: default O_SEARCH, O_EXEC to O_PATH if available

Mon, 05 Nov 2012 14:02:41 -0800 

On 11/05/2012 02:56 PM, Paul Eggert wrote:
> Linux kernel 2.6.39 introduced O_PATH (see
> <http://lwn.net/Articles/433854/>) and this is a better fallback
> for O_SEARCH and O_EXEC than O_RDONLY, if O_PATH is available.
> * doc/posix-headers/fcntl.texi (fcntl.h): Document this.
> * lib/fcntl.in.h (O_EXEC, O_SEARCH) [O_PATH]: Default to O_PATH.
> * lib/fcntl.in.h (O_ACCMODE):
> * tests/test-fcntl-h.c (main):
> Do not reject O_ACCMODE merely because it has more than the
> minimal number of bits, as POSIX allows extensions here.
> ---
>  ChangeLog                    | 13 +++++++++++++
>  doc/posix-headers/fcntl.texi |  4 +++-
>  lib/fcntl.in.h               | 14 +++++++++++---
>  tests/test-fcntl-h.c         |  2 +-
>  4 files changed, 28 insertions(+), 5 deletions(-)
> 
> diff --git a/ChangeLog b/ChangeLog
> index 2173fb2..3576e7a 100644
> --- a/ChangeLog
> +++ b/ChangeLog
> @@ -1,3 +1,16 @@
> +2012-11-05  Paul Eggert  <egg...@cs.ucla.edu>
> +
> +     fcntl-h: default O_SEARCH, O_EXEC to O_PATH if available
> +     Linux kernel 2.6.39 introduced O_PATH (see
> +     <http://lwn.net/Articles/433854/>) and this is a better fallback
> +     for O_SEARCH and O_EXEC than O_RDONLY, if O_PATH is available.

Is that really wise?  According to that page,

"A file opened with this flag will have had its path resolved by the
kernel and is known to exist, but there is little else that can be done
with it. System calls which operate on file descriptors directly
(close() or dup(), for example) will work; these file descriptors can
also be passed to another process over Unix-domain sockets using
SCM_RIGHTS datagrams. The reason for the existence of O_PATH file
descriptors is for use as the directory file descriptor in the various
"*at()" system calls."

"O_PATH flag also allow a descriptor for symlinks. That is the main
difference IMHO."

Do we really want the ability to open a symlink as an fd when using
O_EXEC permissions, instead of following the symlink into the file that
it normally points to?

-- 
Eric Blake   ebl...@redhat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to