Re: Some ostree observations



On Tue, Feb 25, 2014 at 2:08 PM, Florian Weimer <fweimer redhat com> wrote:
You could use lsetxattr and /proc/self/fd/%d/%s. It shows up as a symlink, but no symlink resolution is performed.

Oooh, clever.  I had forgotten about the /proc/self trick.  Done now!

https://git.gnome.org/browse/libgsystem/commit/?id=9b64f3e3d0e46bfeb6b2a1a4604c82ba5ad20535
https://git.gnome.org/browse/ostree/commit/?id=683a719b7e5db069790cc11e04ad7f8343b3aa26


It will still be vulnerable to attacks based on hard links. As a result of your linking farms, I don't think you'll be able to defend against those.

How about keeping all directories owned by root:root and mode 0700 until they're fully populated, then doing the fchown/fchmod on the dirfd?





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]