lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <E1LKIeB-0006qv-Bv@pomaz-ex.szeredi.hu>
Date:	Tue, 06 Jan 2009 21:35:31 +0100
From:	Miklos Szeredi <miklos@...redi.hu>
To:	penguin-kernel@...ove.sakura.ne.jp
CC:	viro@...IV.linux.org.uk, hch@....de, linux-fsdevel@...r.kernel.org,
	linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Introduce d_realpath().

On Tue, 06 Jan 2009, Tetsuo Handa wrote:
> Al, thank you very much for processing security_path_*() patch.
> Now James is reviewing our patch and he suggested
> following parts need your acknowledgments.
> Will you review and ACK for introducing a variant of d_path()?
> 
> --------------------
> Subject: Introduce d_realpath().
> 
> To remove factors that make pathname based access control difficult
> (e.g. symbolic links, "..", "//", chroot() etc.), a variant of d_path()
> which traverses up to the root of the namespace is needed.
> 
> This patch introduces d_realpath(), a variant of d_path().
> While d_path() stops traversing at current->fs->root,
> d_realpath() doesn't stop traversiong at current->fs->root.
> 
> Three differences compared to d_path().
> (1) Ignores current process's root directory.

I'd suggest calling __d_path() and passing in the namespace root
instead of the process root.  That would be a lot simpler and result
in less code duplication.

> (2) Trailing '/' is added if the pathname refers to a directory.

Caller can do this.

> (3) /proc/PID/ is represented as /proc/self/ if PID equals current->tgid.

This too.  Such hacks really don't belong in generic VFS functions.

Thanks,
Miklos
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ