Re: [PATCH] new syscall: flink

Mark Grosberg (mark@nolab.conman.org)
Sun, 6 Apr 2003 22:56:42 -0400 (EDT)


On Sun, Apr 6 2003, H. Peter Anvin wrote:

> > Suppose I give you an O_RDONLY handle to a file which you then
> > flink and gain write access too ?
>
> This, I believe, is the real issue. However, we already have that
> problem:

As far as I understand it, isn't the protection information stored in the
inode? The flink call is just linking an inode into a directory that the
caller has write access to. The permissions and ownership of the file
shouldn't change.

> int main(int argc, char *argv[])
> {
> int rfd, wfd;
> char filebuf[PATH_MAX];
>
> rfd = open("testfile", O_RDONLY|O_CREAT, 0666);
> /* Now rfd is a read-only file descriptor */

There is nothing stopping the caller from re-opening the to-be flinked()
file descriptor read-write using its name if the caller has permissions.
So I don't see why that case is different.

Other than that, HPA's responses make sense.

Personally, I would like to see this system call in Linux. It does make
certain thing easier. Not necessarily even in a security context, but
sometimes its generally useful to be able to make a hard link to an
already open file rather than track the name.

L8r,
Mark G.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/