mirror of https://github.com/mkerrisk/man-pages
openat2.2: Rework RESOLVE_IN_ROOT text
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
36c9d56de6
commit
d144dc36b8
|
@ -266,12 +266,7 @@ the caller should explicitly specify
|
|||
Treat
|
||||
.I dirfd
|
||||
as the root directory while resolving
|
||||
.I pathname
|
||||
(as though the user called
|
||||
.BR chroot (2)
|
||||
with the directory referred to by
|
||||
.IR dirfd
|
||||
as the argument).
|
||||
.IR pathname .
|
||||
Absolute symbolic links and ".." path components will be scoped to
|
||||
.IR dirfd .
|
||||
If
|
||||
|
@ -279,13 +274,22 @@ If
|
|||
is an absolute path, it is also treated relative to
|
||||
.IR dirfd .
|
||||
.IP
|
||||
The effect of this flag is as though the calling process had used
|
||||
.BR chroot (2)
|
||||
to (temporarily) modify its root directory (to the directory
|
||||
referred to by
|
||||
.IR dirfd ).
|
||||
However, unlike
|
||||
.BR chroot (2)
|
||||
(which changes the filesystem root permanently for a process),
|
||||
.B RESOLVE_IN_ROOT
|
||||
allows a program to efficiently restrict path resolution for only certain
|
||||
operations.
|
||||
It also has several hardening features
|
||||
allows a program to efficiently restrict path resolution for selected
|
||||
open operations.
|
||||
.\" FIXME The next piece is unclear (to me). What kind of ".." escape
|
||||
.\" attempts does chroot() not detecct that RESOLVE_IN_ROOT does?
|
||||
The
|
||||
.B RESOLVE_IN_ROOT
|
||||
flag also has several hardening features
|
||||
(such as detecting escape attempts during
|
||||
.I ".."
|
||||
resolution) which
|
||||
|
|
Loading…
Reference in New Issue