On Jun 17, 2014 2:48 AM, "Florian Weimer" fweimer@redhat.com wrote:
On 04/10/2014 10:37 PM, Andy Lutomirski wrote:
It occurs to me that, before going nuts with these kinds of flags, it may pay to just try to fix the /proc/self/fd issue for real -- we could just make open("/proc/self/fd/3", O_RDWR) fail if fd 3 is read-only. That may be enough for the file sealing thing.
Increasing privilege on O_PATH descriptors via access through
/proc/self/fd is part of the userspace API. The same thing might be true for O_RDONLY descriptors, but it's a bit less likely that there are any users out there. In any case, I'm not sure it makes sense to plug the O_RDONLY hole while leaving the O_PATH hole open.
Do you mean O_PATH fds for the directory or O_PATH fds for the file itself? In any event, I'm much less concerned about passing O_PATH memfds around than O_RDONLY memfds.
I have incomplete patches for this stuff. I need to fix them so they work and get past Al Viro.
--Andy