Re: [PATCH v4 2/5] fs: Add fchmodat2()

(off-list ancestor, not in this archive)
Re: Add a new fchmodat4() syscall, v2 · Florian Weimer <hidden> · 2020-06-09
[PATCH v3 0/5] Add a new fchmodat4() syscall · Alexey Gladkov <legion@kernel.org> · 2023-07-11
[PATCH v3 3/5] arch: Register fchmodat4, usually as syscall 451 · Alexey Gladkov <legion@kernel.org> · 2023-07-11
Re: [PATCH v3 3/5] arch: Register fchmodat4, usually as syscall 451 · "Arnd Bergmann" <arnd@arndb.de> · 2023-07-11
[PATCH v3 5/5] selftests: add fchmodat4(2) selftest · Alexey Gladkov <legion@kernel.org> · 2023-07-11
[PATCH v3 1/5] Non-functional cleanup of a "__user * filename" · Alexey Gladkov <legion@kernel.org> · 2023-07-11
Re: [PATCH v3 1/5] Non-functional cleanup of a "__user * filename" · "Arnd Bergmann" <arnd@arndb.de> · 2023-07-11
[PATCH v3 2/5] fs: Add fchmodat4() · Alexey Gladkov <legion@kernel.org> · 2023-07-11
Re: [PATCH v3 2/5] fs: Add fchmodat4() · "Arnd Bergmann" <arnd@arndb.de> · 2023-07-11
Re: [PATCH v3 2/5] fs: Add fchmodat4() · Christian Brauner <brauner@kernel.org> · 2023-07-11
Re: [PATCH v3 2/5] fs: Add fchmodat4() · Alexey Gladkov <legion@kernel.org> · 2023-07-11
Re: [PATCH v3 2/5] fs: Add fchmodat4() · Christian Brauner <brauner@kernel.org> · 2023-07-11
Re: [PATCH v3 2/5] fs: Add fchmodat4() · Alexey Gladkov <legion@kernel.org> · 2023-07-11
Re: [PATCH v3 2/5] fs: Add fchmodat4() · Matthew Wilcox <willy@infradead.org> · 2023-07-11
Re: [PATCH v3 2/5] fs: Add fchmodat4() · Alexey Gladkov <legion@kernel.org> · 2023-07-11
[PATCH v3 4/5] tools headers UAPI: Sync files changed by new fchmodat4 syscall · Alexey Gladkov <legion@kernel.org> · 2023-07-11
[PATCH v4 0/5] Add a new fchmodat2() syscall · Alexey Gladkov <legion@kernel.org> · 2023-07-11
[PATCH v4 1/5] Non-functional cleanup of a "__user * filename" · Alexey Gladkov <legion@kernel.org> · 2023-07-11
[PATCH v4 3/5] arch: Register fchmodat2, usually as syscall 452 · Alexey Gladkov <legion@kernel.org> · 2023-07-11
Re: [PATCH v4 3/5] arch: Register fchmodat2, usually as syscall 452 · "Arnd Bergmann" <arnd@arndb.de> · 2023-07-11
Re: [PATCH v4 3/5] arch: Register fchmodat2, usually as syscall 452 · Geert Uytterhoeven <geert@linux-m68k.org> · 2023-07-25
Re: [PATCH v4 3/5] arch: Register fchmodat2, usually as syscall 452 · Aleksa Sarai <hidden> · 2023-07-25
Re: [PATCH v4 3/5] arch: Register fchmodat2, usually as syscall 452 · Christian Brauner <brauner@kernel.org> · 2023-07-27
Re: [PATCH v4 3/5] arch: Register fchmodat2, usually as syscall 452 · Aleksa Sarai <hidden> · 2023-07-27
[PATCH v4 2/5] fs: Add fchmodat2() · Alexey Gladkov <legion@kernel.org> · 2023-07-11
Re: [PATCH v4 2/5] fs: Add fchmodat2() · Christian Brauner <brauner@kernel.org> · 2023-07-11
Re: [PATCH v4 2/5] fs: Add fchmodat2() · Aleksa Sarai <hidden> · 2023-07-25
Re: [PATCH v4 2/5] fs: Add fchmodat2() · Alexey Gladkov <legion@kernel.org> · 2023-07-26
Re: [PATCH v4 2/5] fs: Add fchmodat2() · Christian Brauner <brauner@kernel.org> · 2023-07-27
Re: [PATCH v4 2/5] fs: Add fchmodat2() · Aleksa Sarai <hidden> · 2023-07-27
Re: [PATCH v4 2/5] fs: Add fchmodat2() · Aleksa Sarai <hidden> · 2023-07-27
RE: [PATCH v4 2/5] fs: Add fchmodat2() · David Laight <hidden> · 2023-07-28
Re: [PATCH v4 2/5] fs: Add fchmodat2() · "dalias@libc.org" <dalias@libc.org> · 2023-07-28
RE: [PATCH v4 2/5] fs: Add fchmodat2() · David Laight <hidden> · 2023-07-27
Re: [PATCH v4 2/5] fs: Add fchmodat2() · "dalias@libc.org" <dalias@libc.org> · 2023-07-27
[PATCH v4 5/5] selftests: Add fchmodat2 selftest · Alexey Gladkov <legion@kernel.org> · 2023-07-11
[PATCH v4 4/5] tools headers UAPI: Sync files changed by new fchmodat2 syscall · Alexey Gladkov <legion@kernel.org> · 2023-07-11
Re: [PATCH v4 4/5] tools headers UAPI: Sync files changed by new fchmodat2 syscall · Namhyung Kim <namhyung@kernel.org> · 2023-07-11
Re: [PATCH v4 4/5] tools headers UAPI: Sync files changed by new fchmodat2 syscall · Alexey Gladkov <legion@kernel.org> · 2023-07-11
Re: (subset) [PATCH v4 0/5] Add a new fchmodat2() syscall · Christian Brauner <brauner@kernel.org> · 2023-07-11
Add fchmodat2() - or add a more general syscall? · David Howells <dhowells@redhat.com> · 2023-07-25
Re: Add fchmodat2() - or add a more general syscall? · Aleksa Sarai <hidden> · 2023-07-25
Re: Add fchmodat2() - or add a more general syscall? · Eric Biggers <ebiggers@kernel.org> · 2023-07-27
Re: Add fchmodat2() - or add a more general syscall? · Christian Brauner <brauner@kernel.org> · 2023-07-27
Re: [PATCH v4 0/5] Add a new fchmodat2() syscall · Rich Felker <dalias@libc.org> · 2023-07-26

From: "dalias@libc.org" <dalias@libc.org>
Date: 2023-07-28 18:42:38
Also in: linux-alpha, linux-api, linux-arch, linux-m68k, linux-mips, linux-s390, linux-sh, linuxppc-dev, lkml, sparclinux

Possibly related (same subject, not in this thread)

2023-07-27 · Re: [PATCH v4 2/5] fs: Add fchmodat2() · Christian Brauner <brauner@kernel.org>
2023-07-27 · Re: [PATCH v4 2/5] fs: Add fchmodat2() · "dalias@libc.org" <dalias@libc.org>
2023-07-27 · Re: [PATCH v4 2/5] fs: Add fchmodat2() · Christian Brauner <brauner@kernel.org>
2023-07-27 · Re: [PATCH v4 2/5] fs: Add fchmodat2() · Andreas Schwab <hidden>

On Fri, Jul 28, 2023 at 08:43:58AM +0000, David Laight wrote:

....

quoted

FWIW, I agree with Christian that these behaviours are not ideal (and
I'm working on a series that might allow for these things to be properly
blocked in the future) but there's also the consistency argument -- I
don't think fchownat() is much safer to allow in this way than
fchmodat() and (again) this behaviour is already possible through
procfs.

If the 'through procfs' involves readlink("/proc/self/fd/n") and
accessing through the returned path then the permission checks
are different.
Using the returned path requires search permissions on all the
directories.

That's *not* how "through procfs" works. The "magic symlinks" in
/proc/*/fd are not actual symlinks that get dereferenced to the
contents they readlink() to, but special-type objects that dereference
directly to the underlying file associated with the open file
description.

Rich

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help