gnu-arch-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnu-arch-users] "tla build-config" question and suggestion

From: Ludovic Courtès
Subject: Re: [Gnu-arch-users] "tla build-config" question and suggestion
Date: Fri, 14 Apr 2006 09:15:30 +0200
User-agent: Gnus/5.110004 (No Gnus v0.4) Emacs/21.4 (gnu/linux) 
Hi,

Thomas Lord <address@hidden> writes:

>> Now, it seems that `is_non_upwards_relative_path ()' would also reject
>> paths like `chbouib/../foo' which theoretically it should accept.  But
>> well, arguably, that shouldn't be too much of a problem.  ;-)
>>
> The simpler rule is easy to explain and handling that generality properly
> would be pretty tricky.

Well, there are `realpath(3)' (which is specified by SuSv2 [0]) and
`canonicalize_file_name(3)' (an equivalent GNU extension).  These
functions handle symlinks as well.

Thus, the "right thing" might be to pass paths through them and then
check for a common prefix with the (canonicalized) tree root path,
rather than use `is_non_upwards_relative_path ()'.

This way, Arch would be resistant against maliciously-broken-config
attacks.  ;-)

Thanks,
Ludovic.

[0] http://www.opengroup.org/onlinepubs/007908799/xsh/realpath.html
reply via email to
[Prev in Thread] Current Thread [Next in Thread]