Re: [PATCH RFC v8 01/10] namei: obey trailing magic-link DAC permissions

2019-05-29 Thread Andy Lutomirski
> On May 23, 2019, at 8:11 PM, Aleksa Sarai wrote:
>
>> On 2019-05-23, Aleksa Sarai wrote:
>>> On 2019-05-22, Andy Lutomirski wrote:
>>> What are actual examples of uses for this exception? Breaking
>>> selftests is not, in and of itself, a huge problem.
>>
>> Not as far as I know. All of

Re: [PATCH RFC v8 01/10] namei: obey trailing magic-link DAC permissions

2019-05-23 Thread Aleksa Sarai
On 2019-05-23, Aleksa Sarai wrote:
> On 2019-05-22, Andy Lutomirski wrote:
> > What are actual examples of uses for this exception? Breaking
> > selftests is not, in and of itself, a huge problem.
>
> Not as far as I know. All of the re-opening users I know of do re-opens
> of O_PATH or are

Re: [PATCH RFC v8 01/10] namei: obey trailing magic-link DAC permissions

2019-05-22 Thread Aleksa Sarai
On 2019-05-22, Andy Lutomirski wrote:
> On Mon, May 20, 2019 at 6:34 AM Aleksa Sarai wrote:
> > One final exception is given, which is that non-O_PATH file descriptors
> > are given re-open rights equivalent to the permissions available at
> > open-time. This allows for O_RDONLY file descriptors

Re: [PATCH RFC v8 01/10] namei: obey trailing magic-link DAC permissions

2019-05-22 Thread Andy Lutomirski
On Mon, May 20, 2019 at 6:34 AM Aleksa Sarai wrote:
> One final exception is given, which is that non-O_PATH file descriptors
> are given re-open rights equivalent to the permissions available at
> open-time. This allows for O_RDONLY file descriptors to be re-opened
> O_RDWR as long as the user

[PATCH RFC v8 01/10] namei: obey trailing magic-link DAC permissions

2019-05-20 Thread Aleksa Sarai
The ability for userspace to "re-open" file descriptors through /proc/self/fd has been a very useful tool for all sorts of use cases (container runtimes are one common example). However, the current interface for doing this has resulted in some pretty subtle security holes. Userspace can re-open a