oss-sec mailing list archives
Re: O_CREAT|O_DIRECTORY on nonexisting file expected behaviour?
From: Eric Blake <eblake () redhat com>
Date: Wed, 26 Nov 2014 08:09:42 -0700
On 11/26/2014 06:45 AM, Fiedler Roman wrote:
> Hello,
>
> While trying to write a small python helper library for secure opening of
> files, I found the behaviour of the following call unexpected because it
> created a file instead of creating/failing in opening a directory:
>
> open("xxx", O_RDONLY|O_CREAT|O_DIRECTORY, 0600) = 3

What does fstat say about the file type of the just-created fd 3?

Here's what POSIX has to say about the matter:

http://austingroupbugs.net/view.php?id=847

If the combination is supported, it MUST create a directory. This is actually a nice extension if it is provided, as there is no other standard interface that can atomically create AND open a directory; remember, there is a minor TOCTTOU race between mkdir()/open(), although the effects of that race are not too horrible (it is sufficient to use O_DIRECTORY during the open as well as a quick readdir to confirm that the just-opened directory is still empty, to be reasonably sure that the race was not won by someone replacing the directory with something unintended).

On the other hand, the behavior is an extension, and historical implementations would fail (probably with EINVAL for invalid flag combination), so portable applications cannot rely on it working. But if it succeeds, and did NOT create a directory, then it is in violation of POSIX.

--
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org
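
The mkdir()/open() fallback described in the message above, written out as an added C example (it is not part of the original mail or of any project's code). The function names are assumptions made for illustration, and O_NOFOLLOW is an extra precaution the mail does not mention.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open path and confirm it is an empty directory. Returns an fd, or -1 with
 * errno set (ENOTEMPTY when the directory already has entries). */
int open_empty_dir(const char *path)
{
    /* O_DIRECTORY is the check from the mail; O_NOFOLLOW is an extra
     * precaution added here so a symlink swapped in is rejected too. */
    int fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    /* fdopendir() takes ownership of its fd, so scan through a duplicate. */
    int scan = fcntl(fd, F_DUPFD_CLOEXEC, 0);
    DIR *d = scan < 0 ? NULL : fdopendir(scan);
    if (!d) {
        int e = errno;
        if (scan >= 0) close(scan);
        close(fd);
        errno = e;
        return -1;
    }
    int entries = 0;
    struct dirent *de;
    errno = 0;
    while ((de = readdir(d)) != NULL)
        if (strcmp(de->d_name, ".") && strcmp(de->d_name, ".."))
            entries++;
    int e = errno;                 /* non-zero if readdir() itself failed */
    rewinddir(d);                  /* duplicated fds share the directory offset */
    closedir(d);
    if (e == 0 && entries > 0)
        e = ENOTEMPTY;             /* someone populated or replaced it */
    if (e) { close(fd); errno = e; return -1; }
    return fd;
}

/* mkdir() followed by open(): the non-atomic pair, with the race checked. */
int create_and_open_dir(const char *path, mode_t mode)
{
    if (mkdir(path, mode) != 0)
        return -1;                 /* EEXIST: never adopt an existing name */
    return open_empty_dir(path);
}
```

Callers should keep using the returned descriptor (openat(), fstat()) rather than reopening the path by name, since the name can be rebound after the check.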