| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Jan 2015 10:53:10 +0100 From: "Axel Kittenberger" <axel.kittenberger@...vie.ac.at> To: linux-kernel@...r.kernel.org Subject: atomic unlink filename only if everything but basename is no symlink? Is there a Linux system call that allows one to call unlink() to execute properly only if no part of the path is a symlink? Except the basename of course since that would be simply removing the symlink itself? The issue is with some tools like Lsyncd this can lead to removes outside of what is expected if one part of the path happened to become a symlink to some place where it shouldn't operate. I could test if a "realpath -s PATH" is equals to "realpath PATH" but the basename, but even if I coded that, there would still be a racecondition by something else replacing one physical directory by a symlink just between the test and the call to unlink, so it unlinks something it didn't want to. Like there is now lchown should there be a lunlink() systemcall or an option to unlink()? Or a global process flag like "do not follow *any* symlinks for me please (including my subprocesses)"? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists