[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug #17877] Invalid "No such file or directory" error on filesystem

From: Miklos Szeredi
Subject: Re: [bug #17877] Invalid "No such file or directory" error on filesystem without stable inode numbers
Date: Mon, 09 Oct 2006 08:20:44 +0200

> > I'm very reluctant to try opening every file in the
> > filesystem just in case it turns out to be a directory we need to
> > descend into.
> Your reluctance is understandable, since it is incorrect to
> always open every directory entry.  The corresponding file
> might be a special file, and opening devices can have side
> effects (e.g., opening and closing a tape device might
> rewind it).  Similarly for other kinds of files (e.g.,
> fifos).

Right.  And since the lstat and the open can be very far apart, an
unprivileged user can _very_easily_ do DoS against find by changing a
directory into a fifo, while find is traversing some deep directory

There's O_DIRECTORY on Linux (I don't know about other systems) to
handle this kind of problem.

On systems not supporting O_DIRECTORY, moving the lstat() and the
open() close to each other still makes a lot of sence from the
security POV.

So fts seems to have a security bug, as well as not working for
non-POSIX filesystems.

And they have a common underlying reason.  If you assume too much
about the system, you will easily fall into these kind of security
traps.  If you assume as little as possible about the system, it will
not only be more secure, but will also work better on sub-standard


reply via email to

[Prev in Thread] Current Thread [Next in Thread]