lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 15 Jul 2011 17:29:41 -0700
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Stephen Hemminger <shemminger@...tta.com>
Cc:	<netdev@...r.kernel.org>
Subject: [PATCH] iproute2: Fail "ip netns add" on existing network namespaces.


Use O_EXCL so that we only create and mount a new network namespace
if there is no chance an existing network namespace is present.

Signed-off-by: Eric W. Biederman <ebiederm@...ssion.com>
---

 ip/ipnetns.c |   17 +++++------------
 1 files changed, 5 insertions(+), 12 deletions(-)

diff --git a/ip/ipnetns.c b/ip/ipnetns.c
index dff3497..e41a598 100644
--- a/ip/ipnetns.c
+++ b/ip/ipnetns.c
@@ -41,16 +41,6 @@ static int setns(int fd, int nstype)
 #endif /* HAVE_SETNS */
 
 
-static int touch(const char *path, mode_t mode)
-{
-	int fd;
-	fd = open(path, O_RDONLY|O_CREAT, mode);
-	if (fd < 0)
-		return -1;
-	close(fd);
-	return 0;
-}
-
 static void usage(void) __attribute__((noreturn));
 
 static void usage(void)
@@ -214,6 +204,7 @@ static int netns_add(int argc, char **argv)
 	 */
 	char netns_path[MAXPATHLEN];
 	const char *name;
+	int fd;
 
 	if (argc < 1) {
 		fprintf(stderr, "No netns name specified\n");
@@ -227,11 +218,13 @@ static int netns_add(int argc, char **argv)
 	mkdir(NETNS_RUN_DIR, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH);
 
 	/* Create the filesystem state */
-	if (touch(netns_path, 0) < 0) {
+	fd = open(netns_path, O_RDONLY|O_CREAT|O_EXCL, 0);
+	if (fd < 0) {
 		fprintf(stderr, "Could not create %s: %s\n",
 			netns_path, strerror(errno));
-		goto out_delete;
+		return -1;
 	}
+	close(fd);
 	if (unshare(CLONE_NEWNET) < 0) {
 		fprintf(stderr, "Failed to create a new network namespace: %s\n",
 			strerror(errno));
-- 
1.7.5.1.217.g4e3aa

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists