Hi,
On Fri, Apr 16, 2010 at 11:02:34AM +0100, Davide Brini wrote:
> > Unfortunately, this won't help against symlink attacks directed to
> > non-existant files (like "-> /etc/nologin").
>
> "If O_EXCL and O_CREAT are set, and path names a symbolic link, open() shall
> fail and set errno to [EEXIST], regardless of the contents of the symbolic
> link."
Oh? One learns something new every day :-) - just checked with the FreeBSD
manpage, and it's even more explicit:
If O_EXCL is set and
the last component of the pathname is a symbolic link, open() will fail
even if the symbolic link points to a non-existent name.
- so please disregard my comment. Everything is fine.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany [email protected]
fax: +49-89-35655025 [email protected]
