On Thu, 14 Jun 2001, Richard Henderson wrote:
> Yes, I saw those. What is the effect of O_NOFOLLOW? To not
> follow symbolic links when opening the file. If you open a
> regular file, in effect nothing happens. Moreover, if these
> opens were not finding files now, the system wouldn't work.
>
> So: the effect, I suppose, is (1) disabling some security
> within glibc, and (2) making these accesses slower since they
> will be considered O_DIRECT after the change.
>
> Which doesn't seem that life-threatening to me.
O_NOFOLLOW is used to deal with symlink attacks. Breaking it means
that for quite a few binaries you are opening security holes. And
since it's a flagday change, you'll get the situation when no version
will work for all kernels. Bad idea, IMO.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
