On Tue Mar 28 16:17:45 2023 +0000, Joel Holdsworth wrote:
OK, I've updated the patch set to adopt the design from (2a) in my comment above. Any thoughts?
On Linux, we could reduce the TOCTOU attack space by opening the parent directory with `O_PATH`, then using `fstatat`, `fchmodat`, and `openat` to work on the file.
We could further reduce the attack space by doing the `stat`ing and `chmod`ing with an `O_PATH` file fd. Unfortunately, we can't reopen an `O_PATH` file fd for read/write, so the file would still have to be resolved by name twice.
Still better than resolving the full path three or four times over.
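The directory-fd approach described in this comment, written out as an added example (this is not the patch set under discussion or code from the project; the function names `open_and_chmod_in_dir` and `demo_self_test` are my own). The parent directory is resolved once and held as an `O_PATH` fd; `fstatat`, `fchmodat` and `openat` then take only the leaf name. Because the leaf is still resolved twice, the example adds the check a practitioner wants in that residual window: `fstat` the opened fd and compare `st_dev`/`st_ino` with the earlier `fstatat` result, so a file swapped in between the chmod and the open is detected rather than silently accepted.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#ifndef O_PATH
#define O_PATH 010000000 /* Linux value; glibc only exposes it under _GNU_SOURCE */
#endif

/* chmod and then open for read/write the leaf `name` inside `dir`, resolving
 * `dir` exactly once (held as an O_PATH fd). The leaf is resolved twice, once
 * by fchmodat and once by openat, so the identity of the opened object is
 * checked against the earlier fstatat. Returns the fd or -1 with errno set. */
int open_and_chmod_in_dir(const char *dir, const char *name, mode_t mode)
{
    struct stat before, after;
    int fd = -1, dfd, saved;

    if (name[0] == '\0' || strchr(name, '/') != NULL) {
        errno = EINVAL;                 /* a single component, never a path */
        return -1;
    }
    dfd = open(dir, O_PATH | O_DIRECTORY | O_CLOEXEC);
    if (dfd < 0)
        return -1;

    /* Inspect the leaf without following a symlink planted in its place. */
    if (fstatat(dfd, name, &before, AT_SYMLINK_NOFOLLOW) < 0)
        goto out;
    if (!S_ISREG(before.st_mode)) {
        errno = S_ISLNK(before.st_mode) ? ELOOP : EINVAL;
        goto out;
    }
    /* Flags 0: Linux fchmodat has no usable AT_SYMLINK_NOFOLLOW, hence the
     * S_ISREG check above rather than a flag here. */
    if (fchmodat(dfd, name, mode, 0) < 0)
        goto out;
    /* Second and last resolution of the leaf; O_NOFOLLOW refuses a symlink. */
    fd = openat(dfd, name, O_RDWR | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        goto out;
    /* Detect a replace/rename between the chmod and the open. */
    if (fstat(fd, &after) < 0 ||
        after.st_dev != before.st_dev || after.st_ino != before.st_ino) {
        close(fd);
        fd = -1;
        errno = EAGAIN;                 /* object changed underneath us; retry */
    }
out:
    saved = errno;
    close(dfd);
    errno = saved;
    return fd;
}

/* Exercise the helper in a scratch directory with a constructed regular file
 * and a symlink beside it. Returns 0 on success, a step number on failure. */
int demo_self_test(void)
{
    char tmp1[] = "/tmp/opath-demo-XXXXXX", tmp2[] = "./opath-demo-XXXXXX";
    char target[4096], link[4096];
    struct stat st;
    int rc = 2, c, fd, ok;

    char *dir = mkdtemp(tmp1);
    if (dir == NULL && (dir = mkdtemp(tmp2)) == NULL)
        return 1;
    snprintf(target, sizeof target, "%s/target", dir);
    snprintf(link, sizeof link, "%s/link", dir);
    if ((c = open(target, O_WRONLY | O_CREAT | O_EXCL, 0644)) < 0)
        goto cleanup;
    close(c);
    if (symlink("target", link) < 0)
        goto cleanup;

    /* Happy path: mode becomes 0600 and the returned fd is writable. */
    if ((fd = open_and_chmod_in_dir(dir, "target", 0600)) < 0)
        goto cleanup;
    ok = fstat(fd, &st) == 0 && (st.st_mode & 07777) == 0600 &&
         write(fd, "x", 1) == 1;
    close(fd);
    if (!ok) { rc = 3; goto cleanup; }
    /* A symlink at the leaf is rejected and its target's mode is untouched. */
    if (open_and_chmod_in_dir(dir, "link", 0666) != -1) { rc = 4; goto cleanup; }
    if (stat(target, &st) != 0 || (st.st_mode & 07777) != 0600) { rc = 5; goto cleanup; }
    /* A path instead of a leaf name is rejected before any syscall. */
    if (open_and_chmod_in_dir(dir, "../target", 0600) != -1) { rc = 6; goto cleanup; }
    rc = 0;
cleanup:
    unlink(link);
    unlink(target);
    rmdir(dir);
    return rc;
}

int main(void)
{
    int rc = demo_self_test();
    printf("self-test: %s (%d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc;
}
```

The `EAGAIN` on identity mismatch is a deliberate choice: the caller can loop, and each retry only re-resolves the leaf under the already-open directory fd, never the full path.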