Subject: Re: security/7060: find and rm
To: Chris Jones <cjones@rupert.honors.montana.edu>
From: David Brownlee <abs@anim.dreamworks.com>
List: netbsd-bugs
Date: 03/01/1999 10:41:22
	You could keep the directory open at each level open and use
	fchdir()

		David/absolute

    "Consistency is the last refuge of the unimaginative." - Oscar Wilde

On 1 Mar 1999, Chris Jones wrote:

> >>>>> "Richard" == Richard Earnshaw <rearnsha@arm.com> writes:
> 
> Richard> So combine this with Dave's idea of a chdir.  Then all that
> Richard> unlink needs to be passed is the file in the current
> Richard> directory (rather than the path).  If the stat isn't done
> Richard> until after the chdir then nothing that is unsafe can be
> Richard> changed between the stat and the unlink -- I am correct in
> Richard> thinking that unlink doesn't need an absolute pathname aren't
> Richard> I (it works on slowlaris), or does unlink add the current
> Richard> directory before passing it into the kernel?
> 
> Hmm; I think that would work, assuming that we can be sure that the
> chdir() is safe.  And no, unlink doesn't change its pathname to a
> fully-qualified one, as far as I can tell.
> 
> Chris
> 
> -- 
> -----------------------------------------------------cjones@math.montana.edu
> Chris Jones                                          cjones@honors.montana.edu
>            Mad scientist at large                    cjones@nervana.montana.edu
> "Is this going to be a stand-up programming session, sir, or another bug hunt?"
>