open.2: describe O_RESOLVE_BENEATH errors correctly

The behavior is the same as in capability mode; it does not actually
return EINVAL for absolute lookups:

    openat(AT_FDCWD,"/tmp/test",O_RDONLY|O_DIRECTORY,00) = 3 (0x3)
    openat(3,"../../",O_RDONLY|0x800000,00)          ERR#93 'Capabilities insufficient'
    openat(3,"/etc/passwd",O_RDONLY|0x800000,00)     ERR#93 'Capabilities insufficient'

Fixes:          1f305be43 ("Document {O,AT}_RESOLVE_BENEATH...")
Reviewed by:    kib, pauamma (manpages), emaste
Sponsored by:   https://www.patreon.com/valpackett
Pull Request:	https://github.com/freebsd/freebsd-src/pull/680
Differential Revision: https://reviews.freebsd.org/D38675
Val Packett 2023-02-19 17:14:15 -03:00 committed by Ed Maste
parent 939b24b0ab
commit c7a8502bdf

@ -28,7 +28,7 @@
.\" @(#)open.2 8.2 (Berkeley) 11/16/93 .\" @(#)open.2 8.2 (Berkeley) 11/16/93
.\" $FreeBSD$ .\" $FreeBSD$
.\" .\"
.Dd April 22, 2022 .Dd March 2, 2023
.Dt OPEN 2 .Dt OPEN 2
.Os .Os
.Sh NAME .Sh NAME
@ -572,12 +572,6 @@ and
.Dv O_EXEC .Dv O_EXEC
or or
.Dv O_SEARCH . .Dv O_SEARCH .
.It Bq Er EINVAL
The
.Dv O_RESOLVE_BENEATH
flag is specified and
.Dv path
is absolute.
.It Bq Er EBADF .It Bq Er EBADF
The The
.Fa path .Fa path
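Review bot: Dropping the EINVAL entry for O_RESOLVE_BENEATH with an absolute path leaves no trace in ERRORS that this errno was ever documented for that case, so callers written against the old text will keep testing for the wrong value. The trace in the commit message shows ERR#93 for the absolute lookup, which supports the removal. Consider also stating in the description of O_RESOLVE_BENEATH itself, not only in the ERRORS list, that an absolute path fails with ENOTCAPABLE, so the corrected behavior is visible where the flag is introduced.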
@ -606,19 +600,32 @@ is specified and the process is in capability mode.
was called and the process is in capability mode. was called and the process is in capability mode.
.It Bq Er ENOTCAPABLE .It Bq Er ENOTCAPABLE
.Fa path .Fa path
is an absolute path, is an absolute path and the process is in capability mode.
or contained a ".." component leading to a .It Bq Er ENOTCAPABLE
directory outside of the directory hierarchy specified by .Fa path
.Fa fd , is an absolute path and
.Dv O_RESOLVE_BENEATH
is specified.
.It Bq Er ENOTCAPABLE
.Fa path
contains a ".." component leading to a directory outside
of the directory hierarchy specified by
.Fa fd
and the process is in capability mode. and the process is in capability mode.
.It Bq Er ENOTCAPABLE .It Bq Er ENOTCAPABLE
The
.Dv O_RESOLVE_BENEATH
flag was provided, and the relative
.Fa path .Fa path
escapes the contains a ".." component leading to a directory outside
.Ar fd of the directory hierarchy specified by
directory. .Fa fd
and
.Dv O_RESOLVE_BENEATH
is specified.
.It Bq Er ENOTCAPABLE
.Fa path
contains a ".." component, the
.Dv vfs.lookup_cap_dotdot
.Xr sysctl 3
is set, and the process is in capability mode.
.El .El
.Sh SEE ALSO .Sh SEE ALSO
.Xr chmod 2 , .Xr chmod 2 ,
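Review bot: The last added entry ("contains a ".." component, the vfs.lookup_cap_dotdot sysctl(3) is set, and the process is in capability mode") does not say which value of the sysctl triggers the error, and as worded it overlaps with the earlier capability-mode entry that limits the failure to a ".." leading outside the hierarchy specified by fd. If any ".." fails when the sysctl "is set", the narrower entry is redundant in that configuration; if the sysctl instead permits ".." lookups, the condition reads inverted. Please state the value explicitly (for example "is set to N") so a reader can tell which of the two entries applies. As a smaller style point, the absolute-path and ".."-escape cases are each spelled out twice, once for capability mode and once for O_RESOLVE_BENEATH; since the commit message says the behavior is the same in both, each pair could be one entry of the form "... and either the process is in capability mode or O_RESOLVE_BENEATH is specified", which would cut the run of ENOTCAPABLE items from five to three.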