Timeline for Why do bind mounts of device nodes break with EACCES in root of a tmpfs?
Current License: CC BY-SA 4.0
11 events
| when | what | | by | license | comment |
|---|---|---|---|---|---|
| Nov 27, 2020 at 22:18 | history | bounty awarded | R.. GitHub STOP HELPING ICE | ||
| Nov 26, 2020 at 5:41 | comment | added | R.. GitHub STOP HELPING ICE | Sorry, I tried to award it and thought I did, but can't yet. Will do once the waiting period expires. | |
| Nov 26, 2020 at 4:50 | comment | added | R.. GitHub STOP HELPING ICE | Ah, I see the whole point of these restrictions is for the sake of broken applications that omit O_EXCL. In any case, WOW, thank you for this deep explanation. It's perfect and you totally deserve the bounty, which I've awarded. | |
| Nov 26, 2020 at 4:39 | comment | added | R.. GitHub STOP HELPING ICE | @DanilaKiver: That should only apply to O_EXCL not O_CREAT. | |
| Nov 26, 2020 at 4:38 | vote | accept | R.. GitHub STOP HELPING ICE | ||
| Nov 26, 2020 at 4:02 | comment | added | Danila Kiver | In other words, I also would consider this a bug, but I'm not a kernel developer, so that's just a passer-by's opinion. | |
| Nov 26, 2020 at 4:02 | comment | added | Danila Kiver | According to the manpages, the original assumption which this restriction is based upon is that the caller may intend to create the file with O_CREAT, while this file may already be created by an attacking user (thus, fooling the caller of openat). Given that device nodes are not supposed to be created automatically with O_CREAT (so O_CREAT for devices in openat does not actually imply the intention to create the file), I believe that (probably) there is no reason for denying such calls for device nodes. | |
| Nov 26, 2020 at 3:51 | comment | added | Joseph Sible-Reinstate Monica | That function was added in git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/… . It looks to me like a bug: the commit message doesn't mention anything about other types of files, and it effectively forces "protected" mode on for them. | |
| Nov 26, 2020 at 3:50 | history | edited | Danila Kiver | CC BY-SA 4.0 | added 9 characters in body |
| Nov 26, 2020 at 3:41 | history | edited | Danila Kiver | CC BY-SA 4.0 | added 3 characters in body |
| Nov 26, 2020 at 3:33 | history | answered | Danila Kiver | CC BY-SA 4.0 |