From: Jamie Lokier <jamie@shareable.org>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: Valdis.Kletnieks@vt.edu, linux@treblig.org, agruen@suse.de,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] vfs: new O_NODE open flag
Date: Mon, 28 Sep 2009 14:28:45 +0100 [thread overview]
Message-ID: <20090928132845.GC19778@shareable.org> (raw)
In-Reply-To: <E1MsDQ6-0001cY-92@pomaz-ex.szeredi.hu>
Miklos Szeredi wrote:
> BTW I just checked, and it is possible to re-open or promote an fd
> opened with O_NODE like this:
>
> char tmp[64];
>
> fd = open(filename, O_NODE | O_NOACCESS);
> /* ... */
> sprintf(tmp, "/proc/self/fd/%i", fd);
> fd_rw = open(tmp, O_RDWR);
>
> Now fd_rw is guaranteed to refer to the same inode as fd.
If someone passes you a file descriptor opened with O_RDONLY, you
shouldn't be able to upgrade it to O_RDWR unless you have access to
the file and could do a normal open() on the file.
I hope the above cannot convert O_NOACCESS to O_RDWR without checking
that you have access to the file.
Hmm. I have just tried, and you _can _use open("/proc/self/fd/%d",
O_RDWR) to re-open with more permissions when you can't access the
path which /proc/self/fd/%d pretends to link to. It looks a bit
dubious, as you might have been passed an O_RDONLY descriptor with the
intention that you can't write to it... Oh well!
-- Jamie
next prev parent reply other threads:[~2009-09-28 13:28 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-24 14:51 [PATCH] vfs: new O_NODE open flag Miklos Szeredi
2009-09-25 0:23 ` Andreas Gruenbacher
2009-09-25 5:52 ` Miklos Szeredi
2009-09-25 12:37 ` Dr. David Alan Gilbert
2009-09-25 12:18 ` Miklos Szeredi
2009-09-25 17:08 ` Jamie Lokier
2009-09-25 16:53 ` Andreas Dilger
2009-09-25 17:20 ` Valdis.Kletnieks
2009-09-25 18:35 ` Dr. David Alan Gilbert
2009-09-25 21:18 ` Valdis.Kletnieks
2009-09-28 10:25 ` Miklos Szeredi
2009-09-28 13:28 ` Jamie Lokier [this message]
2009-09-28 14:07 ` Miklos Szeredi
2009-09-28 14:10 ` Jamie Lokier
2009-09-30 8:18 ` Florian Weimer
2009-09-30 8:18 ` Florian Weimer
2009-09-28 15:21 ` Andreas Dilger
2009-09-28 16:04 ` Miklos Szeredi
2009-10-04 19:03 ` Pavel Machek
2009-10-04 22:58 ` Jamie Lokier
2009-10-23 17:10 ` /proc filesystem allows bypassing directory permissions on Linux (was Re: [PATCH] vfs: new O_NODE open flag) Pavel Machek
2009-10-14 13:14 ` [PATCH] vfs: new O_NODE open flag Andreas Gruenbacher
2009-09-25 19:02 ` Andreas Dilger
2009-09-28 15:53 ` Jamie Lokier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090928132845.GC19778@shareable.org \
--to=jamie@shareable.org \
--cc=Valdis.Kletnieks@vt.edu \
--cc=agruen@suse.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@treblig.org \
--cc=miklos@szeredi.hu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.