On Feb 12, 2019, at 7:54 AM, demiobenour@xxxxxxxxx wrote: > > From: "Demi M. Obenour" <demiobenour@xxxxxxxxx> > > This adds the file open flag O_PATHSTATIC, which ensures that symbolic > links are *never* followed, even in path components other than the last. > This is distinct from O_NOFOLLOW, which only prevents symlinks in the > *last* component from being followed. > > This is useful for avoiding race conditions in userspace code that > should expose only a subset of the filesystem to clients. This includes > FTP and SFTP servers, QEMU, and others. > > Currently, O_NOFOLLOW must be set if O_PATHSTATIC is set. Otherwise, > open() fails with -EINVAL. I don't want to bikeshed (discard suggestion if you disagree), but why not name the flag "O_NEVER_FOLLOW" so that users can see it is also related to "O_NOFOLLOW"? Otherwise it seems like they are two completely different things from looking at the names, when in fact they are closely related. Cheers, Andreas
Attachment:
signature.asc
Description: Message signed with OpenPGP
