On Sat, May 08, 2004 at 05:42:07AM +0100, Bruce M Simpson wrote: > On Sat, May 08, 2004 at 01:02:58PM +1000, Tim Robbins wrote: > > I don't see how it differs from what we already do in userland. > > Quite a bit different, actually. I refer the honorable gentleman to > Marc Olzheim's message with the Message-ID: <20040507105355.GA93808_at_stack.nl>. The message that you refer to says: "Because getcwd() is a function that might or might not return EACCESS in the current implementation, depending on whether the current path is in the cache or not. If in /a/b/c/ directory b is unreadable for a user, /a/b/c is returned by getcwd() as long as it is in the cache (kernel), if not, the libc getcwd tries to resolve it, but fails." This is obviously a bug in the current implementation -- it should use VOP_ACCESS to check that the calling process has access to the vnodes of the current directory and its parents. How does the patch in question address this issue? Both the current implementation and the proposed new implementation try to find the pathname use the namecache without authorization checks, then if that fails, go on to read the directories, but this time with authorization checks. What is the difference? TimReceived on Fri May 07 2004 - 22:01:41 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:53 UTC