lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 23 Jun 2009 17:13:00 +0200
From:	Miklos Szeredi <miklos@...redi.hu>
To:	hch@...radead.org
CC:	miklos@...redi.hu, hch@...radead.org,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	torvalds@...ux-foundation.org, viro@...IV.linux.org.uk,
	adilger@....com, dhowells@...hat.com, alan@...rguk.ukuu.org.uk,
	akpm@...ux-foundation.org
Subject: Re: [RFC] O_NOACC: open without any access

On Tue, 23 Jun 2009, Christoph Hellwig wrote:
> On Tue, Jun 23, 2009 at 04:12:22PM +0200, Miklos Szeredi wrote:
> > > an issue ioctls + stat / etc on it ut not actually read/write it.
> > 
> > Two differences between open("foo", 3) and open("foo", O_NOACC):
> > 
> >   1) open with "3" requires _read_and_write_ permissions on foo, but
> >      does not allow either read or write.  Not sure what the logic in
> >      that, but that's the way it has always been.
> 
> Which is a quite sensible requirement if we want to do ioctls.

Right, but that makes it useless for things which want to open it
despite having no permission on the file.  For example some programs
do:

	fd = open(".", 0);
        chdir(someplace);
	/* do something */
	fchdir(fd);

or for that matter:

	fd = open("foo", 0);
	fstat(fd, &stat1);
	if (something)
		fchmod(fd, ...);
	close(fd);

Note: neither chmod() nor chdir() (nor host of others) require either
read or write permissions on the file, so we _should_ be able to do
this kind of thing without open() requiring them.

Thanks,
Miklos
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ