openat2.2: Rework RESOLVE_IN_ROOT text

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2020-03-30 14:41:07 +02:00 · 2020-03-30 14:41:07 +02:00 · d144dc36b8
parent 36c9d56de6
commit d144dc36b8
1 changed files with 13 additions and 9 deletions
--- a/man2/openat2.2
+++ b/man2/openat2.2
@ -266,12 +266,7 @@ the caller should explicitly specify
 Treat
 .I dirfd
 as the root directory while resolving
-.I pathname
-(as though the user called
-.BR chroot (2)
-with the directory referred to by
-.IR dirfd
-as the argument).
+.IR pathname .
 Absolute symbolic links and ".." path components will be scoped to
 .IR dirfd .
 If
@ -279,13 +274,22 @@ If
 is an absolute path, it is also treated relative to
 .IR dirfd .
 .IP
+The effect of this flag is as though the calling process had used
+.BR chroot (2)
+to (temporarily) modify its root directory (to the directory
+referred to by
+.IR dirfd ).
 However, unlike
 .BR chroot (2)
 (which changes the filesystem root permanently for a process),
 .B RESOLVE_IN_ROOT
-allows a program to efficiently restrict path resolution for only certain
-operations.
-It also has several hardening features
+allows a program to efficiently restrict path resolution for selected
+open operations.
+.\" FIXME The next piece is unclear (to me). What kind of ".." escape
+.\" attempts does chroot() not detecct that RESOLVE_IN_ROOT does?
+The
+.B RESOLVE_IN_ROOT
+flag also has several hardening features
 (such as detecting escape attempts during
 .I ".."
 resolution) which