This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: O_EXEC and O_SEARCH
On Fri, Feb 22, 2013 at 11:54:17PM -0500, KOSAKI Motohiro wrote:
> > Right now, we're offering O_EXEC and O_SEARCH in musl libc, defining
> > them as O_PATH. As long as recent Linux is used, this gives nearly
> > correct semantics, except that combined with O_NOFOLLOW they do not
> > fail when the final component is a symbolic link. I believe it's
> > possible to work around this issue on sufficiently modern kernels
> > where fstat works on O_PATH file descriptors, but adding the
> > workaround whenever O_PATH|O_NOFOLLOW is in the flags would change the
> > semantics when O_PATH is used by the caller rather than O_EXEC or
> > O_SEARCH, since the value is equal. I'm not sure this is desirable.
>
> I have one more question. If I understand correctly, O_NOFOLLOW is
> unspecified in
> POSIX.
Wrong.
> Why do you think the current behavior is not correct?
O_NOFOLLOW
If path names a symbolic link, fail and set errno to [ELOOP].
See http://pubs.opengroup.org/onlinepubs/9699919799/functions/open.html
> And, as far as I observed, current linux man pages don't tell us
> O_PATH|O_NOFOLLOW
> behavior. Is this really intentional result? How do you confirmed?
Yes, it seems intentional. O_PATH without O_NOFOLLOW would resolve the
symbolic link and open a file descriptor referring to the target
inode. O_PATH|O_NOFOLLOW opens a file descriptor to the symbolic link
inode itself. As far as I can see, this behavior is desirable and
intentional with O_PATH but wrong for O_SEARCH or O_EXEC.
Rich