|| ||Jamie Lokier <jamie-AT-shareable.org> |
|| ||Miklos Szeredi <miklos-AT-szeredi.hu> |
|| ||Re: [PATCH] vfs: new O_NODE open flag |
|| ||Mon, 28 Sep 2009 14:28:45 +0100|
|| ||Valdis.Kletnieks-AT-vt.edu, linux-AT-treblig.org, agruen-AT-suse.de,
|| ||Article, Thread
Miklos Szeredi wrote:
> BTW I just checked, and it is possible to re-open or promote an fd
> opened with O_NODE like this:
> char tmp;
> fd = open(filename, O_NODE | O_NOACCESS);
> /* ... */
> sprintf(tmp, "/proc/self/fd/%i", fd);
> fd_rw = open(tmp, O_RDWR);
> Now fd_rw is guaranteed to refer to the same inode as fd.
If someone passes you a file descriptor opened with O_RDONLY, you
shouldn't be able to upgrade it to O_RDWR unless you have access to
the file and could do a normal open() on the file.
I hope the above cannot convert O_NOACCESS to O_RDWR without checking
that you have access to the file.
Hmm. I have just tried, and you _can _use open("/proc/self/fd/%d",
O_RDWR) to re-open with more permissions when you can't access the
path which /proc/self/fd/%d pretends to link to. It looks a bit
dubious, as you might have been passed an O_RDONLY descriptor with the
intention that you can't write to it... Oh well!
to post comments)