|
| From: | Thomas Lord |
| Subject: | Re: [Gnu-arch-users] "tla build-config" question and suggestion |
| Date: | Fri, 14 Apr 2006 00:28:31 -0700 |
| User-agent: | Thunderbird 1.5 (X11/20060313) |
Ludovic Courtès wrote:
Hi, Thomas Lord <address@hidden> writes:Now, it seems that `is_non_upwards_relative_path ()' would also reject paths like `chbouib/../foo' which theoretically it should accept. But well, arguably, that shouldn't be too much of a problem. ;-)The simpler rule is easy to explain and handling that generality properly would be pretty tricky.Well, there are `realpath(3)' (which is specified by SuSv2 [0]) and `canonicalize_file_name(3)' (an equivalent GNU extension). These functions handle symlinks as well. Thus, the "right thing" might be to pass paths through them and then check for a common prefix with the (canonicalized) tree root path, rather than use `is_non_upwards_relative_path ()'. This way, Arch would be resistant against maliciously-broken-config attacks. ;-)
Ok, yr just f'ing around now, right?
I mean, you do understand that the paths in question *don't exist* at the point in time where canonicalization is desired, right? And thereforethe functions you mention can not possibly do a Right Thing.
Yr just baiting me, right? And, ha! -- called you out on it. (Or are you just being sloppy?) Regards, -t
Thanks, Ludovic. [0] http://www.opengroup.org/onlinepubs/007908799/xsh/realpath.html _______________________________________________ Gnu-arch-users mailing list address@hidden http://lists.gnu.org/mailman/listinfo/gnu-arch-users GNU arch home page: http://savannah.gnu.org/projects/gnu-arch/
| [Prev in Thread] | Current Thread | [Next in Thread] |