tech-security archive


Re: open()ing a directory without O_DIRECTORY



In article <871s3p49lz.fsf%free.fr@localhost>,
Aymeric Vincent  <aymericvincent%free.fr@localhost> wrote:
>
>There is no trivial way to get rid of these no longer valid contents,
>since for good reason you can't write to a directory as a file. You have
>to re-create it (not always possible due to permissions) or create long
>entries until your data disappears... :-/

Why? The kernel can just zero out the deleted dirents. Yes, users
can't and should not write to directories; if you want to avoid
the data disclosure, fix it in the kernel!

christos
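
The fix suggested above, sketched as an added example that is not part of the original message or of any kernel's source. It models a directory block in which removal folds the freed record into its predecessor, with and without zeroing the freed bytes. The 64-byte block, the 4-byte record header and all function names are assumptions of this model, and the file names are constructed.

```c
#include <stdint.h>
#include <string.h>
#define BLKSZ 64 /* assumed block size for this model */
#define HDR 4    /* assumed header: 2-byte reclen, 1-byte namlen, 1 pad; name follows */
/* Lay out names back to back; the last record absorbs the rest of the block. */
static void build(uint8_t *blk, const char **names, int n) {
    size_t off = 0;
    memset(blk, 0, BLKSZ);
    for (int i = 0; i < n; i++) {
        size_t len = strlen(names[i]);
        uint16_t rl = (uint16_t)(i == n - 1 ? BLKSZ - off : (HDR + len + 3) & ~(size_t)3);
        memcpy(blk + off, &rl, 2);
        blk[off + 2] = (uint8_t)len;
        memcpy(blk + off + HDR, names[i], len);
        off += rl;
    }
}

/* Fold the named record into its predecessor; scrub also zeroes it. 0 on success. */
static int remove_entry(uint8_t *blk, const char *name, int scrub) {
    size_t off = 0, prev = 0, len = strlen(name);
    while (off < BLKSZ) {
        uint16_t rl, prl;
        memcpy(&rl, blk + off, 2);
        if (rl < HDR || off + rl > BLKSZ) return -1;      /* corrupt record */
        if (off > 0 && blk[off + 2] == len && HDR + len <= rl &&
            !memcmp(blk + off + HDR, name, len)) {
            memcpy(&prl, blk + prev, 2);
            prl = (uint16_t)(prl + rl);
            memcpy(blk + prev, &prl, 2);                  /* predecessor now spans the hole */
            if (scrub) memset(blk + off, 0, rl);          /* the fix: wipe the stale bytes */
            return 0;
        }
        prev = off; off += rl;
    }
    return -1;
}

/* 1 if the deleted name is still present in the raw block, 0 if not, -1 on error. */
static int leaks_after_delete(int scrub) {
    const char *names[] = { ".", "..", "notes.txt", "secret-project-x" }; /* constructed */
    const char *victim = names[3];
    uint8_t blk[BLKSZ];
    build(blk, names, 4);
    if (remove_entry(blk, victim, scrub) != 0) return -1;
    for (size_t i = 0; i + strlen(victim) <= BLKSZ; i++)
        if (!memcmp(blk + i, victim, strlen(victim))) return 1;
    return 0;
}
int main(void) { return !(leaks_after_delete(0) == 1 && leaks_after_delete(1) == 0); }
```

Without the scrub, the removed name stays byte-for-byte in the block even though no live record points at it; anything that returns the raw block to a reader exposes it.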


