[Bug 248335] O_BENEATH leaks information about parent directories

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Wed Jul 29 21:20:27 UTC 2020


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248335

--- Comment #3 from Konstantin Belousov <kib at FreeBSD.org> ---
But the user could only guess-check his own username, no?

O_BENEATH usage was designed to confine existing non-capsicumized apps, which
only need access to a known subset of the whole filesystem namespace.
A typical example is a compiler, which only needs to access the source file and
hierarchies of headers, and to write the output file.  There, we can pre-allocate
dirfds for /usr/include and /usr/local/include.  On the other hand, build systems
often use relative paths with dotdots to express the target directory as relative
to the source, so dotdot support was needed for the intended application of our
O_BENEATH.

Anyway, if you can provide a somewhat more precise explanation of the desired
behavior, and perhaps give the name for the new O_ flag, I will implement it as
well.
