tech-kern: Re: O_REG_ONLY, O_NOFOLLOW, open_ass(), and other such beasts

Subject: Re: O_REG_ONLY, O_NOFOLLOW, open_ass(), and other such beasts
To: Charles M. Hannum <root@ihack.net>
From: Warner Losh <imp@village.org>
List: tech-kern
Date: 12/05/2000 21:57:31

In message <200012051927.eB5JRc100815@trinity.ihack.net> "Charles M. Hannum" writes:
: * As a separate endeavour, we should consider implementing O_NOFOLLOW
:   to prevent symlink race attacks (but, given the previous, this will
:   generally only affect systems where users have done something
:   actively stupid).

FreeBSD implements O_NOFOLLOW as folllows:
     If O_NOFOLLOW is used in the mask and the target file passed to
     open() is a symbolic link then the open() will fail.

Just as an FYI.  If you are going to do something different than the
above, then a different name might be in order.

Warner