Re: $ORIGIN

To: tech-toolchain%netbsd.org@localhost
Subject: Re: $ORIGIN
From: Alan Barrett <apb%cequrux.com@localhost>
Date: Sun, 26 Jan 2014 16:28:11 +0200

On Sun, 26 Jan 2014, David Laight wrote:

The problem with caching the path is that it might containsymlinks that the user can change - which means that it isn'tsave to use $ORIGIN in suid binaries.

You can fix that by keeping a reference to the vnode of thedirectory, instead of keeping a string representation of thedirectory name.

Whereas the kernel has vnode of the directory where the file hasfound, so should be able to refcount it. An open relative tothat vnode is safe (and fast) even for suid programs.


Right.

--apb (Alan Barrett)

References:
- Re: $ORIGIN
  - From: Matt Thomas
- re: $ORIGIN
  - From: matthew green
- Re: $ORIGIN
  - From: David Laight

Prev by Date: Re: $ORIGIN
Next by Date: Re: $ORIGIN
Previous by Thread: Re: $ORIGIN
Next by Thread: Re: $ORIGIN
Indexes:

Home | Main Index | Thread Index | Old Index