Re: [PATCH] symlink.7: document magic-links more completely

From: Michael Kerrisk (man-pages)
Date: Fri Jun 19 2020 - 09:00:28 EST

Next message: Jianyong Wu: "[PATCH v13 0/9] Enable ptp_kvm for arm64"
Previous message: David Hildenbrand: "[PATCH v2 3/3] mm/shuffle: remove dynamic reconfiguration"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Aleksa,

On 6/10/20 7:53 AM, Aleksa Sarai wrote:
> Hi Michael,
>
> Sorry for the delay and here is the patch I promised in this thread.

Thanks!

Patch applied.

Cheers,

Michael

> --8<---------------------------------------------------------------------8<--
>
> Traditionally, magic-links have not been a well-understood topic in
> Linux. This helps clarify some of the terminology used in openat2.2.
>
> Signed-off-by: Aleksa Sarai <cyphar@xxxxxxxxxx>
> ---
> man7/symlink.7 | 31 ++++++++++++++++++++++---------
> 1 file changed, 22 insertions(+), 9 deletions(-)
>
> diff --git a/man7/symlink.7 b/man7/symlink.7
> index 07b1db3a3764..ed99bc4236f1 100644
> --- a/man7/symlink.7
> +++ b/man7/symlink.7
> @@ -84,6 +84,21 @@ as they are implemented on Linux and other systems,
> are outlined here.
> It is important that site-local applications also conform to these rules,
> so that the user interface can be as consistent as possible.
> +.SS Magic-links
> +There is a special class of symlink-like objects known as "magic-links" which
> +can be found in certain pseudo-filesystems such as
> +.BR proc (5)
> +(examples include
> +.IR /proc/[pid]/exe " and " /proc/[pid]/fd/* .)
> +Unlike normal symlinks, magic-links are not resolved through
> +pathname-expansion, but instead act as direct references to the kernel's own
> +representation of a file handle. As such, these magic-links allow users to
> +access files which cannot be referenced with normal paths (such as unlinked
> +files still referenced by a running program.)
> +.PP
> +Because they can bypass ordinary
> +.BR mount_namespaces (7)-based
> +restrictions, magic-links have been used as attack vectors in various exploits.
> .SS Symbolic link ownership, permissions, and timestamps
> The owner and group of an existing symbolic link can be changed
> using
> @@ -99,16 +114,14 @@ of a symbolic link can be changed using
> or
> .BR lutimes (3).
> .PP
> -On Linux, the permissions of a symbolic link are not used
> -in any operations; the permissions are always
> -0777 (read, write, and execute for all user categories),
> .\" Linux does not currently implement an lchmod(2).
> -and can't be changed.
> -(Note that there are some "magic" symbolic links in the
> -.I /proc
> -directory tree\(emfor example, the
> -.IR /proc/[pid]/fd/*
> -files\(emthat have different permissions.)
> +On Linux, the permissions of an ordinary symbolic link are not used in any
> +operations; the permissions are always 0777 (read, write, and execute for all
> +user categories), and can't be changed.
> +.PP
> +However, magic-links do not follow this rule. They can have a non-0777 mode,
> +though this mode is not currently used in any permission checks.
> +
> .\"
> .\" The
> .\" 4.4BSD
>

--
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/

Next message: Jianyong Wu: "[PATCH v13 0/9] Enable ptp_kvm for arm64"
Previous message: David Hildenbrand: "[PATCH v2 3/3] mm/shuffle: remove dynamic reconfiguration"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]