author | Omar Polo <op@omarpolo.com> | 2021-07-27 09:21:42 +0000 |
---|---|---|
committer | Omar Polo <op@omarpolo.com> | 2021-07-27 09:21:42 +0000 |
commit | efb48052dcb6788001e7cce089c2b2f375d927c5 (patch) | |
tree | 2af8d5f4f05c8fd48a368ec39d57a729a9f5d226 | |
parent | a8e1e8d73853b4373ae4554be976bf827cb2dc81 (diff) |
relax openat rule: follow symlinks
O_NOFOLLOW acts only on *the last component*, so
open("/foo/bar/baz") fails only when baz itself is a symlink.
Checking every path component is not viable.
gh issue #5 related (sort of)
-rw-r--r-- | server.c | 5 |
1 files changed, 2 insertions, 3 deletions
@@ -310,7 +310,7 @@ check_path(struct client *c, const char *path, int *fd)
 {
 struct stat sb;
 const char *p;
- int flags, dirfd, strip;
+ int dirfd, strip;
 assert(path != NULL);
@@ -332,8 +332,7 @@ check_path(struct client *c, const char *path, int *fd)
 dirfd = vhost_dirfd(c->host, path, &c->loc);
 log_debug(c, "check_path: strip=%d path=%s original=%s", strip, p, path);
- flags = O_RDONLY | O_NOFOLLOW;
- if (*fd == -1 && (*fd = openat(dirfd, p, flags)) == -1)
+ if (*fd == -1 && (*fd = openat(dirfd, p, O_RDONLY)) == -1)
 return FILE_MISSING;
 if (fstat(*fd, &sb) == -1) { |
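Review bot: In the second hunk, `openat(dirfd, p, O_RDONLY)` now follows a symlink in any component of `p`, including the last one, so the opened file can lie outside the directory behind `dirfd`, and nothing in the visible lines restricts that. The commit message explains why O_NOFOLLOW was not a complete check, but the call site no longer records the resulting trust assumption. I would add a comment above it such as `/* symlinks are followed: openat() does not confine resolution to dirfd, so the served tree must be writable only by trusted users */`. If the server relies on another confinement layer such as a chroot, that is not visible here and the comment should name it. Where the platform provides beneath-only resolution (O_RESOLVE_BENEATH on FreeBSD, openat2() with RESOLVE_BENEATH on Linux), that would cover every path component rather than just the last. The body of check_path continues outside both hunks.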