| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 Jul 2007 16:03:24 -0400 From: Jeff Garzik <jeff@...zik.org> To: "H. Peter Anvin" <hpa@...or.com> CC: Miklos Szeredi <miklos@...redi.hu>, jeremy@...p.org, jengelh@...putergmbh.de, viro@....linux.org.uk, nmiell@...cast.net, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: *at syscalls for xattrs? H. Peter Anvin wrote: > Jeff Garzik wrote: >>> What the *at() interfaces really do is fix/paper over a longstanding >>> wart in Unix: the cwd really should have been a standard file descriptor >>> (like stdin/stdout/stderr) instead of a magic piece of state maintained >>> in kernel space. >> It's more than a wart, IMO. *at() allows one to close races (with >> potential security implications) that are otherwise impossible to close, >> in directory traversal. >> >> *at() permits a userspace program to hold proper references to all >> objects during a directory traversal, with all that implies. >> > > Well, as Jeremy pointed out, in the absence of threads you can do the > same thing with fchdir(), however, that's much more of a hack. My posixutils project (coreutils replacement) used fchdir(2), but that still doesn't get you 100% race-free. It gets you close, yes. Jeff - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists