On Mon, Mar 31, 2008 at 12:37:47PM -0400, David Schultz wrote: > On Mon, Mar 31, 2008, Kostik Belousov wrote: > > int main() { > > int dfd = open("/tmp/foo", O_RDONLY); > > int res; > > > > chmod("/tmp/foo", 0666); > > > > if (dfd != -1) { > > res = openat(dfd, "bar", 0); > > printf("OPENAT returns: %d, errno: %s\n", res, strerror(errno)); > > } > > > > } > > > > gives the error EACCESS on both Linux and FreeBSD, and succeeds on Solaris. > > The Solaris behaviour seems to be specified in the document cited above. > > There are arguments in support of the both observed behaviour. > > Doesn't the latter behavior make it possible to bypass the usual > permission checks on open("bar") via openat(AT_FDCWD, "bar")? No, the point is that in the second case the permissions are checked at the open() time, instead of the second case, where the permissions are checked at the openat() time. This is the same as open()ing some file, e.g., for read, and then revoking the r bit from the vnode. You still can read the file given code did not closed the filedescriptor.
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:29 UTC