On Thu, Jul 27, 2023 at 09:01:06AM +0000, David Laight wrote:
From: Aleksa Sarai
Sent: 25 July 2023 17:36
....
We almost certainly want to support AT_EMPTY_PATH at the same time.
Otherwise userspace will still need to go through /proc when trying to
chmod a file handle they have.
That can't be allowed.
Just because a process has a file open and write access to
the directory that contains it doesn't mean they are allowed
to change the file permissions.
They also need directory search access from a directory
they have open through to the containing directory.
Am I missing something? How is this different from fchmod?
Rich
