Subject: Re: security/7060: find and rm
To: Chris Jones <cjones@rupert.honors.montana.edu>
From: David Brownlee <abs@anim.dreamworks.com>
List: netbsd-bugs
Date: 03/01/1999 10:41:22
You could keep the directory open at each level open and use
fchdir()
David/absolute
"Consistency is the last refuge of the unimaginative." - Oscar Wilde
On 1 Mar 1999, Chris Jones wrote:
> >>>>> "Richard" == Richard Earnshaw <rearnsha@arm.com> writes:
>
> Richard> So combine this with Dave's idea of a chdir. Then all that
> Richard> unlink needs to be passed is the file in the current
> Richard> directory (rather than the path). If the stat isn't done
> Richard> until after the chdir then nothing that is unsafe can be
> Richard> changed between the stat and the unlink -- I am correct in
> Richard> thinking that unlink doesn't need an absolute pathname aren't
> Richard> I (it works on slowlaris), or does unlink add the current
> Richard> directory before passing it into the kernel?
>
> Hmm; I think that would work, assuming that we can be sure that the
> chdir() is safe. And no, unlink doesn't change its pathname to a
> fully-qualified one, as far as I can tell.
>
> Chris
>
> --
> -----------------------------------------------------cjones@math.montana.edu
> Chris Jones cjones@honors.montana.edu
> Mad scientist at large cjones@nervana.montana.edu
> "Is this going to be a stand-up programming session, sir, or another bug hunt?"
>