From: Al Viro <viro@ZenIV.linux.org.uk>
To: Andy Lutomirski <luto@kernel.org>
Cc: Jann Horn <jannh@google.com>,
Linux API <linux-api@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Linux FS Devel <linux-fsdevel@vger.kernel.org>,
Linus Torvalds <torvalds@linux-foundation.org>
Subject: Re: new ...at() flag: AT_NO_JUMPS
Date: Fri, 5 May 2017 02:06:54 +0100 [thread overview]
Message-ID: <20170505010654.GN29622@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CALCETrXE2-841_VRgDJxRZBYAfvSe+GQN+0Jkfh3k1pL8XfDaA@mail.gmail.com>
On Thu, May 04, 2017 at 05:44:19PM -0700, Andy Lutomirski wrote:
> > It's not quite O_BENEATH, and IMO it's saner that way - a/b/c/../d is
> > bloody well allowed, and so are relative symlinks that do not lead out of
> > the subtree. If somebody has a good argument in favour of flat-out
> > ban on .. (_other_ than "other guys do it that way, and it doesn't need
> > to make sense 'cuz security!!1!!!", please), I'd be glad to hear it.
>
> I don't have an argument for allowing '..'. I think it would be okay
> to disallow it, but I don't think it matters all that much either way.
Relative symlinks as argument in favour of allowing .. _when_ _it_ _stays_
_in_ _subtree_.
> > For the latter I would prefer -EXDEV, for obvious reasons. For the former...
> > not sure. I'm not too happy about -ELOOP, but -EPERM (as with O_BENEATH)
> > is an atrocity - it's even more overloaded.
> >
> > Suggestions?
>
> -EDOTDOT would be amusing.
For ln -s /tmp foo/bar, lookup for foo/bar/baz? Seriously? Hell, even
-EXDEV would make more sense...
next prev parent reply other threads:[~2017-05-05 1:06 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-29 22:04 new ...at() flag: AT_NO_JUMPS Al Viro
[not found] ` <20170429220414.GT29622-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2017-04-29 23:17 ` Andy Lutomirski
[not found] ` <CALCETrXhOhG0tRDDOROwT9ghvQvKziM2PBN=CX5Soa2m7=0cFw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-04-29 23:25 ` Al Viro
2017-04-30 1:13 ` Andy Lutomirski
[not found] ` <20170429232504.GU29622-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2017-04-30 4:38 ` Matthew Wilcox
[not found] ` <20170430043822.GE27790-PfSpb0PWhxZc2C7mugBRk2EX/6BAtgUQ@public.gmane.org>
2017-04-30 16:10 ` Al Viro
2017-05-01 4:52 ` Andy Lutomirski
[not found] ` <CALCETrX0dx3d6OQQ+1GJ_xgSz3iNVeRn+8o6b-+3f7awVOWdQg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-05-01 5:15 ` Al Viro
2017-05-01 17:36 ` Jann Horn
2017-05-01 19:37 ` Andy Lutomirski
[not found] ` <CAG48ez0wccvQ5i+XN_Q_yA9_ZwSaGb-W+zky0KQb_GU=9G+MSw-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-05-05 0:30 ` Al Viro
2017-05-05 0:44 ` Andy Lutomirski
2017-05-05 1:06 ` Al Viro [this message]
[not found] ` <20170505003030.GM29622-3bDd1+5oDREiFSDQTTA3OLVCufUGDwFn@public.gmane.org>
2017-05-05 1:27 ` Linus Torvalds
[not found] ` <CA+55aFyOKM7DW7+0sdDFKdZFXgptb5r1id9=Wvhd8AgSP7qjwQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-05-05 3:00 ` Al Viro
2017-05-05 4:01 ` Linus Torvalds
2017-05-05 4:31 ` Andy Lutomirski
2017-05-05 2:47 ` Jann Horn
2017-05-05 3:46 ` Linus Torvalds
[not found] ` <CA+55aFy1SokNNUgxBnFLdA1PRyeG13BqyYNg5xVrW-tNGqh2Bg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-05-05 4:39 ` Al Viro
2017-05-05 4:44 ` Andy Lutomirski
[not found] ` <CALCETrVQ2fwDZOsGSoLyRb6Qjp4nszfDjOPSYi0kzqt23Aw1NA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-05-05 20:04 ` Eric W. Biederman
2017-05-05 20:28 ` Eric W. Biederman
[not found] ` <8737cj6oao.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2017-05-08 19:34 ` Mickaël Salaün
2017-05-18 8:50 ` David Drysdale
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170505010654.GN29622@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=jannh@google.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).