On Sat, Sep 29, 2018 at 09:34:24AM -0700, Andy Lutomirski wrote: > Also, as a perhaps-silly suggestion: if you end up adding a new > syscall, I can see a use for a mode that does the path walk but, rather > than failing on a disallowed link, stops early and indicates where it > stopped. Then web servers, samba, etc can more efficiently implement > custom behavior when links are encountered. And it may also be useful > to have a variant of AT_THIS_ROOT where trying to escape is an error > instead of having it just get stuck at the root. AT_USER_LINKS indicating that userspace wants to resolve symlinks themselves?
