| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200411240531.AAA00851@Sparkle.Rodents.Montreal.QC.CA>
Date: Wed, 24 Nov 2004 00:24:57 -0500 (EST)
From: devnull@...ents.Montreal.QC.CA
To: bugtraq@...urityfocus.com, bug-findutils@....org
Subject: Re: Changes to the filesystem while find is running - comments?
(Because I'm so sick of the broken autoresponders bugtraq is full of,
I've set the From: on this mail to a black-hole address. Please use
the address in the signature if you actually want to reach me.)
>> Before a chdir to "foo", take stock:
>> - record stat("."); DOTFD = open("."); (get a fd to ".")
This is not possible if . is a search-only directory. (While find will
not work very well in such a directory, care should be taken that it
not fall over just because someone happened to chmod the read bits away
from a directory just when find happens to be in it.)
More generally, I've wanted to do this - use file descriptors as
handles onto directories - and often wished for an O_NOACCESS mode to
open() in consequence.
> Of course, open(2) will follow a symlink, if the directory we
> originally stat()ed is replaced by a symlink just before we issue the
> open() call. We of course can guard against that by issuing an
> lstat() on the fd once we have opened it.
ITYPM fstat(), not lstat(), in the last line.
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse@...ents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Powered by blists - more mailing lists