|
From: | Paul Eggert |
Subject: | Re: XFS reports lchmod failure, but changes file system contents |
Date: | Wed, 12 Feb 2020 12:38:11 -0800 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 |
On 2/12/20 12:01 PM, Florian Weimer wrote:
I assumed that an O_PATH descriptor was not intending to confer that capability.
I originally assumed the other way, as I don't see any security reason why fchmod should not work on O_PATH-opened descriptors. I see that the Linux man page says open+O_PATH doesn't work with fchmod, but that's just a bug in the spec.
In Android, the bionic C library has worked around this problem since 2015 by wrapping fchmod so that it works even when the fd was O_PATH-opened. Bionic then uses O_PATH + fchmod to work around the fchmodat+AT_SYMLINK_NOFOLLOW problem[1]. glibc (and Gnulib, etc.) could do the same. It's the most sane way out of this mess.
[1] https://android.googlesource.com/platform/bionic/+/3cbc6c627fe57c9a9783c52d148078f8d52f7b96
[Prev in Thread] | Current Thread | [Next in Thread] |