Well, if you want to avoid TOCTOA, you need something like linux's O_PATH which opens the file for "stat" like access only. But even linux does not have a way to "upgrade" that fd to be able to read, short of: fd = open(path, O_PATH); fstat(fd, &st); if (is a device) bail; snprintf(buf, sizeof(buf), "/proc/self/fds/%d", fd); nfd = open(buf, O_RDONLY); We do have O_EXEC, but I am not sure if that is the same as O_PATH (if it does not really open the device) christos
Attachment:
signature.asc
Description: Message signed with OpenPGP