lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 20 Nov 2015 22:33:43 +0000
From:	Al Viro <viro@...IV.linux.org.uk>
To:	David Howells <dhowells@...hat.com>
Cc:	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-security-module@...r.kernel.org, miklos@...redi.hu
Subject: Re: [RFC] readlink()-related oddities

On Fri, Nov 20, 2015 at 09:59:05AM +0000, David Howells wrote:

> There's an AFS userspace command that could be used to query a mountpoint that
> was going to use it.  However, I suspect readlink() will now always trigger
> the automount.

It won't, actually.  All we are passing to user_path_at_empty() is
LOOKUP_EMPTY, so for the final component we'll have
        if (!(nd->flags & (LOOKUP_PARENT | LOOKUP_DIRECTORY |
                           LOOKUP_OPEN | LOOKUP_CREATE | LOOKUP_AUTOMOUNT)) &&
            path->dentry->d_inode)
                return -EISDIR;
in follow_automount() trigger and follow_managed() will turn that -EISDIR
into 0.  IOW, readlink(2) does work on those, same as stat() (since Sep 2011).

Sigh...  OK, let's leave it for now; ->open() for those guys is completely
bogus, AFAICS, but that's local bogo^Wbusiness.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ