On 25/03/2025 14:19, Ethan Heilman wrote:
Howdy coreutils,
I would like to add a O_NOFOLLOW flag to cat so that users can specify
if cat should follow a symlink at the final file in a path. This is
motivated by the need to atomically read a file while ensuring it is
not a symlink. This functiona
Safepath is an excellent idea.
> Think about it; why do you worry that the last component of a path you are
> cat-ting can be turned into a symlink?
Exactly, even with paths that contain an additional directory such as
`/home/user/.ssh/authorized_keys` you could set .ssh permissions to
prevent s
On 2025-03-25 07:19, Ethan Heilman wrote:
> Without this functionality in cat, users are likely to do the next
> easiest option which is to use two separate commands to first check if
> the file is a symlink and then read the file. This can be a source of
> bugs and harm security because using two
Yes, it would. Unless there is some case where dd is available but cat
is, dd works.
Thanks for your help,
Ethan
On Tue, Mar 25, 2025 at 1:11 PM Pádraig Brady wrote:
>
> On 25/03/2025 14:19, Ethan Heilman wrote:
> > Howdy coreutils,
> >
> > I would like to add a O_NOFOLLOW flag to cat so that us
Howdy coreutils,
I would like to add a O_NOFOLLOW flag to cat so that users can specify
if cat should follow a symlink at the final file in a path. This is
motivated by the need to atomically read a file while ensuring it is
not a symlink. This functionality is absent from coreutils, as far as
I a
