On Friday 16 Apr 2010 10:35:54 Gert Doering wrote: > On Fri, Apr 16, 2010 at 11:16:32AM +0200, David Sommerseth wrote: > > I'll look more into this, as the only advantage is that if open() with > > O_EXCL|O_CREAT fails if the file exists, it should be used instead. > > Unfortunately, this won't help against symlink attacks directed to > non-existant files (like "-> /etc/nologin"). > > It *will* protect against symlink attacks to existing files (overwriting > /etc/passwd or something similarily nasty).
"If O_EXCL and O_CREAT are set, and path names a symbolic link, open() shall fail and set errno to [EEXIST], regardless of the contents of the symbolic link." Seems to me that it will fail in any case (or at least it should). I may be misunderstanding what you mean though. -- D.
