The problem is that a pathname can contain absolute symlinks and now
they are resolved relative to the current root.
If we want to open a file in another mount namespaces and we have a file
descriptor to its root directory, we probably want to resolve pathname
in the target mount namespace.
Here are examples how we can open a file in a contex of another process.
How we can do this without these changes:
old_root = open("/", O_PATH);
old_cwd = open(".", O_PATH);
chroot("/proc/PID/root");
fd = open(pathname, O_RDONLY);
fchdir(old_root); /* emulate fchroot() */
chroot(".");
fchdir(old_cwd);
close(old_cwd);
close(old_root);
How this code is simplified with new flags:
dirfd = open("/proc/PID/root", O_PATH);
fd = open(dirfd, pathname, O_RDONLY | O_ATROOT);
close(dirfd);
One more thing is that chroot isn't avaliable for unprivileged users.
We met this problem, when we tryed to dump an ubuntu container and
failed to resolve /proc/PID/root/var/run/mysqld/mysqld.sock, because
/var/run was a symlink to /run.
Cc: Alexander Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
Signed-off-by: Andrey Vagin <avagin@xxxxxxxxxx>
Andrey Vagin (2):
namei: add LOOKUP_DFD_ROOT to use dfd as root
fs: allow to use dirfd as root for openat and other *at syscalls
fs/exec.c | 4 +++-
fs/namei.c | 22 +++++++++++++++++-----
fs/open.c | 6 +++++-
fs/stat.c | 4 +++-
fs/utimes.c | 4 +++-
include/linux/namei.h | 2 ++
include/uapi/asm-generic/fcntl.h | 3 +++
include/uapi/linux/fcntl.h | 1 +
8 files changed, 37 insertions(+), 9 deletions(-)
--
2.5.5
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
