On Fri, Oct 05, 2007 at 04:07:19PM -0400, James Carlson wrote: > Nicolas Williams writes: > > This hole is not much of a hole for the autofs case because users don't > > normally get to make symlinks in autofs directories. That consideration > > does not apply here, so technically the change made for autofs did not > > introduce a security bug, but this change would. > > How's that? > > The proposed change looks equivalent to me in terms of security. Have > you looked at the webrev? Previously, we compared st_fstype from the > first stat() against "autofs" to check for trigger points, and now > (with the proposed change, and in exactly the same code) we look at > st_mode from the first stat() and check for the S_TRIGGER flag. The > two versions do exactly the same thing functionally, so I don't see > how this change introduces any flaw that isn't there today and hasn't > been there for more than 2.5 years.
Oh, I see, I forgot about the S_TRIGGER flag.
