| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=whb+V5UC0kuJkBByeEkeRGyLhTupBvpF-z57Hvmn7kszA@mail.gmail.com>
Date: Wed, 27 Nov 2024 18:24:27 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Al Viro <viro@...iv.linux.org.uk>
Cc: Kees Cook <kees@...nel.org>, linux-kernel@...r.kernel.org,
Christophe JAILLET <christophe.jaillet@...adoo.fr>, "Eric W. Biederman" <ebiederm@...ssion.com>,
Nir Lichtman <nir@...htman.org>, Tycho Andersen <tandersen@...flix.com>,
Vegard Nossum <vegard.nossum@...cle.com>
Subject: Re: [GIT PULL] execve updates for v6.13-rc1 (take 2)
On Wed, 27 Nov 2024 at 18:06, Al Viro <viro@...iv.linux.org.uk> wrote:
>
> > So if pathname exists and isn't empty, AT_EMPTY_PATH does nothing.
>
> ... so let's tie that to pathname _being_ empty - it's not as if it
> had been hard to check.
This is not some kind of new system call, and AT_EMPTY_PATH isn't some
Linux-only thing.
It has well-defined and documented semantics:
AT_EMPTY_PATH
If this flag is specified, oldname can be an empty string.
Note the "can be". Not "will/must be".
> What's more, let's allow userland pointer to be NULL - use getname_maybe_null()
> and treat NULL returned by it as "we have an empty pathname".
Now, that's separate, and I agree with that extension. That just
suppresses another "empty string" error case.
But no, I do not accept changing well-documented behaviour of
AT_EMPTY_PATH, much less the insanity of making "execveat()" have
completely different semantics for AT_EMPTY_PATH than a plain openat.
Linus
Powered by blists - more mailing lists