On Mon, Jun 30, 2014 at 01:40:40PM -0700, Andi Kleen wrote: > David Drysdale <drysdale@xxxxxxxxxx> writes: > > > Add a new O_BENEATH_ONLY flag for openat(2) which restricts the > > provided path, rejecting (with -EACCES) paths that are not beneath > > the provided dfd. In particular, reject: > > - paths that contain .. components > > - paths that begin with / > > - symlinks that have paths as above. > > How about bind mounts? > > -Andi > > -- > ak@xxxxxxxxxxxxxxx -- Speaking for myself only Bind mounts won't get rejected because they just look like normal path components. In other words, if dir/subdir is a bind mount to /root/dir then: fd = openat(AT_FDCWD, "dir/subdir", O_RDONLY|O_BENEATH_ONLY); will work fine. -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
