mirror of
https://github.com/opnsense/src.git
synced 2026-06-09 00:32:25 -04:00
open.2: describe O_RESOLVE_BENEATH errors correctly
The behavior is the same as in capability mode, it does not actually
return EINVAL for absolute lookups:
openat(AT_FDCWD,"/tmp/test",O_RDONLY|O_DIRECTORY,00) = 3 (0x3)
openat(3,"../../",O_RDONLY|0x800000,00) ERR#93 'Capabilities insufficient'
openat(3,"/etc/passwd",O_RDONLY|0x800000,00) ERR#93 'Capabilities insufficient'
Fixes: 1f305be43 ("Document {O,AT}_RESOLVE_BENEATH...")
Reviewed by: kib, pauamma (manpages), emaste
Sponsored by: https://www.patreon.com/valpackett
Pull Request: https://github.com/freebsd/freebsd-src/pull/680
Differential Revision: https://reviews.freebsd.org/D38675
This commit is contained in:
Val Packett
Ed Maste
parent
939b24b0ab
commit
c7a8502bdf
1 changed files with 24 additions and 17 deletions
|
|
@ -28,7 +28,7 @@
|
|||
.\" @(#)open.2 8.2 (Berkeley) 11/16/93
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd April 22, 2022
|
||||
.Dd March 2, 2023
|
||||
.Dt OPEN 2
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
|
@ -572,12 +572,6 @@ and
|
|||
.Dv O_EXEC
|
||||
or
|
||||
.Dv O_SEARCH .
|
||||
.It Bq Er EINVAL
|
||||
The
|
||||
.Dv O_RESOLVE_BENEATH
|
||||
flag is specified and
|
||||
.Dv path
|
||||
is absolute.
|
||||
.It Bq Er EBADF
|
||||
The
|
||||
.Fa path
|
||||
|
|
@ -606,19 +600,32 @@ is specified and the process is in capability mode.
|
|||
was called and the process is in capability mode.
|
||||
.It Bq Er ENOTCAPABLE
|
||||
.Fa path
|
||||
is an absolute path,
|
||||
or contained a ".." component leading to a
|
||||
directory outside of the directory hierarchy specified by
|
||||
.Fa fd ,
|
||||
is an absolute path and the process is in capability mode.
|
||||
.It Bq Er ENOTCAPABLE
|
||||
.Fa path
|
||||
is an absolute path and
|
||||
.Dv O_RESOLVE_BENEATH
|
||||
is specified.
|
||||
.It Bq Er ENOTCAPABLE
|
||||
.Fa path
|
||||
contains a ".." component leading to a directory outside
|
||||
of the directory hierarchy specified by
|
||||
.Fa fd
|
||||
and the process is in capability mode.
|
||||
.It Bq Er ENOTCAPABLE
|
||||
The
|
||||
.Dv O_RESOLVE_BENEATH
|
||||
flag was provided, and the relative
|
||||
.Fa path
|
||||
escapes the
|
||||
.Ar fd
|
||||
directory.
|
||||
contains a ".." component leading to a directory outside
|
||||
of the directory hierarchy specified by
|
||||
.Fa fd
|
||||
and
|
||||
.Dv O_RESOLVE_BENEATH
|
||||
is specified.
|
||||
.It Bq Er ENOTCAPABLE
|
||||
.Fa path
|
||||
contains a ".." component, the
|
||||
.Dv vfs.lookup_cap_dotdot
|
||||
.Xr sysctl 3
|
||||
is set, and the process is in capability mode.
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr chmod 2 ,
|
||||
|
|
|
|||
Loading…
Reference in a new issue