On 03/06/2017 02:29 AM, Greg Kurz wrote: > When O_PATH is used with O_DIRECTORY, it only acts as an optimization: the > openat() syscall simply finds the name in the VFS, and doesn't trigger the > underlying filesystem. > > On systems that don't define O_PATH, because they have glibc version 2.13 > or older for example, we can safely omit it. We don't want to deactivate > O_PATH globally though, in case it is used without O_DIRECTORY. The is done > with a dedicated macro.
May be worth adding: Systems without O_PATH may thus fail to resolve names that involve unreadable directories, compared to newer systems succeeding, but such corner case failure is our only option on those older systems to avoid the security hole of chasing symlinks inappropriately. > > Signed-off-by: Greg Kurz <gr...@kaod.org> > --- > hw/9pfs/9p-util.h | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) Reviewed-by: Eric Blake <ebl...@redhat.com> -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
