Re: [RFC] a corner case of open(2)
From: Valdis . Kletnieks
Date: Tue Apr 26 2016 - 15:25:25 EST
On Tue, 26 Apr 2016 20:02:48 +0100, Al Viro said:
> > The biggest danger I can see is some shell script doing something like:
> >
> > foobar > $dir/$targetfile
> >
> > and $targetfile is unset. If we allow a program to get an open fd that refers
> > to a directory, what are the semantics of various operations on that fd?
>
> Huh? We certainly do allow to get an open fd that refers to a directory -
> how else could ls(1) possibly work? See getdents(2) - it does use an
> open file descriptor to specify the directory we operate upon.
Gaah.. I lost a few words in there - /bin/ls is *expecting* to operate on
a directory, so to calls getdents. I meant some generic program that
opened a directory in error, and was expecting to act on "stream of bytes"
> We also do not allow opening directories for *write*, and in that case EISDIR
> is the right error (and we do return it).
OK, that and ftruncate() are about the only ways to cause trouble with a
directory opened by accident...
Attachment:
pgpnCqLIxs63u.pgp
Description: PGP signature