: [PATCH v2 1/3] namei: implement O_BENEATH-style AT_* flags

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ed Maste <emaste@freebsd.org>
To: Aleksa Sarai <cyphar@cyphar.com>
Cc: David Drysdale <drysdale@google.com>, linux-kernel@vger.kernel.org
Subject: : [PATCH v2 1/3] namei: implement O_BENEATH-style AT_* flags
Date: Sat, 27 Oct 2018 12:11:52 +0000	[thread overview]
Message-ID: <20181027121152.GA70269@freebsd.org> (raw)
In-Reply-To: <20181027075348.GN32577@ZenIV.linux.org.uk>

> What is the proposed semantic of O_BENEATH with absolute paths -- I
> believe you don't have an openat(2) on FreeBSD (but please feel free to
> correct me)?

openat(2) is necessary for capability mode (since open(2) is not permitted),
but it turns out it was actually added to FreeBSD earlier than that - the
work was done by a student in the 2007 Google Summer of Code.

From the proposed man page change:
| If the specified path is absolute, O_BENEATH
| allows arbitrary prefix that ends up in the starting directory,
| after which all further resolved components must be under it.

For open, and openat(AT_FDCWD), cwd is used as the top / starting directory.

Once the absolute path traverses the "top" directory in namei all
components must remain within.  The proposed patch allows paths that perhaps
enter, exit, and re-enter the hierarchy -- for example, if /a/b is the top
then /c/d/../../a/b/file would be allowed.

(If you're interested in taking a look the proposed change is available at
https://reviews.freebsd.org/D17714 )

In capability mode absolute paths will always be disallowed.

next prev parent reply	other threads:[~2018-10-27 12:12 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-09  6:52 [PATCH v2 0/3] namei: implement various lookup restriction AT_* flags Aleksa Sarai
2018-10-09  6:52 ` Aleksa Sarai
2018-10-09  6:52 ` [PATCH v2 1/3] namei: implement O_BENEATH-style " Aleksa Sarai
2018-10-09 19:25   ` Andy Lutomirski
2018-10-10  7:07     ` Aleksa Sarai
2018-10-10  7:28       ` Aleksa Sarai
2018-10-12  1:12       ` Andy Lutomirski
2018-10-27  1:41   ` Ed Maste
2018-10-27  7:17     ` Aleksa Sarai
2018-10-27  7:53       ` Al Viro
2018-10-27 12:11         ` Ed Maste [this message]
2018-10-27 15:37         ` Aleksa Sarai

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181027121152.GA70269@freebsd.org \
    --to=emaste@freebsd.org \
    --cc=cyphar@cyphar.com \
    --cc=drysdale@google.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.