lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <6344cf9a34e77766f4c0893db50b75ad.squirrel@webmail.univie.ac.at>
Date:	Mon, 26 Jan 2015 10:53:10 +0100
From:	"Axel Kittenberger" <axel.kittenberger@...vie.ac.at>
To:	linux-kernel@...r.kernel.org
Subject: atomic unlink filename only if everything but basename is no 
 symlink?

Is there a Linux system call that allows one to call unlink() to execute
properly only if no part of the path is a symlink? Except the basename of
course since that would be simply removing the symlink itself?

The issue is with some tools like Lsyncd this can lead to removes outside
of what is expected if one part of the path happened to become a symlink
to some place where it shouldn't operate.

I could test if a "realpath -s PATH" is equals to "realpath PATH" but the
basename, but even if I coded that, there would still be a racecondition
by something else replacing one physical directory by a symlink just
between the test and the call to unlink, so it unlinks something it didn't
want to.

Like there is now lchown should there be a lunlink() systemcall or an
option to unlink()? Or a global process flag like "do not follow *any*
symlinks for me please (including my subprocesses)"?

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ