| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20181027121152.GA70269@freebsd.org> Date: Sat, 27 Oct 2018 12:11:52 +0000 From: Ed Maste <emaste@...ebsd.org> To: Aleksa Sarai <cyphar@...har.com> Cc: David Drysdale <drysdale@...gle.com>, linux-kernel@...r.kernel.org Subject: : [PATCH v2 1/3] namei: implement O_BENEATH-style AT_* flags > What is the proposed semantic of O_BENEATH with absolute paths -- I > believe you don't have an openat(2) on FreeBSD (but please feel free to > correct me)? openat(2) is necessary for capability mode (since open(2) is not permitted), but it turns out it was actually added to FreeBSD earlier than that - the work was done by a student in the 2007 Google Summer of Code. >From the proposed man page change: | If the specified path is absolute, O_BENEATH | allows arbitrary prefix that ends up in the starting directory, | after which all further resolved components must be under it. For open, and openat(AT_FDCWD), cwd is used as the top / starting directory. Once the absolute path traverses the "top" directory in namei all components must remain within. The proposed patch allows paths that perhaps enter, exit, and re-enter the hierarchy -- for example, if /a/b is the top then /c/d/../../a/b/file would be allowed. (If you're interested in taking a look the proposed change is available at https://reviews.freebsd.org/D17714 ) In capability mode absolute paths will always be disallowed.
Powered by blists - more mailing lists