Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S940010AbdD3Eib (ORCPT ); Sun, 30 Apr 2017 00:38:31 -0400 Received: from bombadil.infradead.org ([65.50.211.133]:57695 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S937105AbdD3EiZ (ORCPT ); Sun, 30 Apr 2017 00:38:25 -0400 Date: Sat, 29 Apr 2017 21:38:22 -0700 From: Matthew Wilcox To: Al Viro Cc: Andy Lutomirski , Linux API , "linux-kernel@vger.kernel.org" , Linux FS Devel Subject: Re: new ...at() flag: AT_NO_JUMPS Message-ID: <20170430043822.GE27790@bombadil.infradead.org> References: <20170429220414.GT29622@ZenIV.linux.org.uk> <20170429232504.GU29622@ZenIV.linux.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20170429232504.GU29622@ZenIV.linux.org.uk> User-Agent: Mutt/1.8.0 (2017-02-23) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1051 Lines: 21 On Sun, Apr 30, 2017 at 12:25:04AM +0100, Al Viro wrote: > On Sat, Apr 29, 2017 at 04:17:18PM -0700, Andy Lutomirski wrote: > > On Sat, Apr 29, 2017 at 3:04 PM, Al Viro wrote: > > > New AT_... flag - AT_NO_JUMPS > > > > > > Semantics: pathname resolution must not involve > > > * traversals of absolute symlinks > > > * traversals of procfs-style symlinks > > > * traversals of mountpoints (including bindings, referrals, etc.) > > > * traversal of .. in the starting point of pathname resolution. > > > > Can you clarify this last one? I assume that ".." will be rejected, > > but what about "a/../.."? How about "b" if b is a symlink to ".."? > > How about "a/b" if a is a directory and b is a symlink to "../.."? > > All of those will be rejected - in each of those cases pathname traversal > leads back into the starting point with .. being the next component to > handle. It sounds more like AT_NO_ESCAPE ... or AT_BELOW, or something. Perhaps some example usages in the changelog?