The old code doesn't require any capabilities, but your new code
requires that the user have CAP_DAC_READ_SEARCH, due to the use of
AT_EMPTY_PATH with linkat. (I personally think CAP_DAC_READ_SEARCH
should be unnecessary and that f0cc6ffb should be reverted, but I
digress.)
Joseph C. Sible
On Tue, Sep 25, 2018 at 7:13 PM Adam Borowski <kilobyte@xxxxxxxxxx> wrote:
>
> In the example snippet, we already have the fd, thus there's no
> need to refer to the file by name. And, /proc/ might be not mounted
> or not accessible.
>
> Noticed-by: Theodore Ts'o <tytso@xxxxxxx>
> Signed-off-by: Adam Borowski <kilobyte@xxxxxxxxxx>
> ---
> man2/open.2 | 4 +---
> 1 file changed, 1 insertion(+), 3 deletions(-)
>
> diff --git a/man2/open.2 b/man2/open.2
> index 5d0ce66d8..1c775b6b3 100644
> --- a/man2/open.2
> +++ b/man2/open.2
> @@ -811,9 +811,7 @@ fd = open("/path/to/dir", O_TMPFILE | O_RDWR,
>
> /* File I/O on 'fd'... */
>
> -snprintf(path, PATH_MAX, "/proc/self/fd/%d", fd);
> -linkat(AT_FDCWD, path, AT_FDCWD, "/path/for/file",
> - AT_SYMLINK_FOLLOW);
> +linkat(fd, NULL, AT_FDCWD, "/path/for/file", AT_EMPTY_PATH);
> .EE
> .in
> .IP
> --
> 2.19.0
>
