On Jun 30, 2014 3:36 AM, "David Drysdale" <drysdale@xxxxxxxxxx> wrote: > > Add a new O_BENEATH_ONLY flag for openat(2) which restricts the > provided path, rejecting (with -EACCES) paths that are not beneath > the provided dfd. In particular, reject: > - paths that contain .. components > - paths that begin with / > - symlinks that have paths as above. I like this a lot. However, I think I'd like it even better if it were AT_BENEATH_ONLY so that it could be added to the rest of the *at family. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
