Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp328776iob; Fri, 13 May 2022 02:37:31 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyKvFk30mMu4YlaO70mxjiAZ77hC8oixZ/u65jT1J2sMP1JnVMyGWyUAY/+gevqfS3HqjnL X-Received: by 2002:a05:6a00:1903:b0:4fa:fa9e:42e6 with SMTP id y3-20020a056a00190300b004fafa9e42e6mr3691948pfi.1.1652434650484; Fri, 13 May 2022 02:37:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652434650; cv=none; d=google.com; s=arc-20160816; b=F8ABSrCmVRdbcx8q+BSvDtc7FuIdbvXcQDSqqfXZAVcLntJWX/MIgIGUUf3lTiskZd R9dNSibvW3nsdyVIGUFiXL6dEjdaNfokX/fz0tNKho8qfyEAQyDyey2GTqsaTmCiin93 EFuWN/ZlyvQpJPqoVse5D8tzuUf+8gqSoOjNV6WMGu9J6sRZRWnQp2LJXeAoBrR4r3zN UfDwltCOgFpiJOrEg6BN49UEZ+4MSTyv0PfLP5/Lnin4H2WETG9PH1mkN5QG4pkxip0d q1qbdYeuGCJ0GT99W6ksgNAZ/qztn2/uux/VEyD9osSYca4jIJQK1fhVY67uvBQvVt08 DvYA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :feedback-id:references:in-reply-to:message-id:subject:reply-to:from :to:dkim-signature:date; bh=UqamLj4BJ8E9gSU1cyoMnFv0DQaZ7oKu0fpmqx4XkMU=; b=k7ja3ntc1q56VwKnBFkNM8ClXJh3b7Q3r+uEcSA20SxK1Nlbof5mG41CSixafHvknj T0/V/iOAeY82RIvkYmU4YzyG4rhslYulrR8a1LuIrqLLzL0sEZRt69LMUvwPWbBrIew3 6YnpnfYZC0S6edrND6V6hQ8rcxULB1QpcTAV/8bvcJSfHYnTPh6MTlNp4zSNmaw96L2V r+MKB0UWIdPjSz4AKwn6yP1IXixDnfq2t74LjmjATo3gmOEylenWhV1QGBli7PC6jKmi 4myIS9p+lgg5o3oKBgKn5TTgO2XiB7OJccKr+9SrTKWJLM+aSOHL6KR7lbHEE6H2WnBK Bz8w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@emersion.fr header.s=protonmail2 header.b="Er/8a6YP"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=emersion.fr Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z17-20020a170903019100b0015b4a198c8fsi3073286plg.288.2022.05.13.02.37.15; Fri, 13 May 2022 02:37:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@emersion.fr header.s=protonmail2 header.b="Er/8a6YP"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=emersion.fr Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1353910AbiELMli (ORCPT + 99 others); Thu, 12 May 2022 08:41:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36270 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1353915AbiELMlX (ORCPT ); Thu, 12 May 2022 08:41:23 -0400 Received: from mail-4018.proton.ch (mail-4018.proton.ch [185.70.40.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 546625799B for ; Thu, 12 May 2022 05:41:21 -0700 (PDT) Date: Thu, 12 May 2022 12:41:16 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=emersion.fr; s=protonmail2; t=1652359279; bh=UqamLj4BJ8E9gSU1cyoMnFv0DQaZ7oKu0fpmqx4XkMU=; h=Date:To:From:Reply-To:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID; b=Er/8a6YP+4nfThL0mlkEjQDoMW+DqHzTUCotJgaVsuWUECGHKzWSOWmi/ZDsychbd 61BflP9DaK1qfGptv5nseL0+q8KBsaNOYQCPwyMaA6jTZKvn+IKFfG/DRA0xIELbsP 5tCItORkIZASbXFQ+3zQ913zO/MAnif9eutcMs38MRODYAEFojglFqJbRFxj6PiZvt lMKuAlkXkQqcA5GtU+0wdAZaqDIePksoppnwkxBp+A8/DD26LoAY6qlsLc2/wMHt3+ 1r2z22TxAI2w4wCZJcbwxpRavmTO0fRgX/zcm+hersRlbxIaaoQe4yqZegDJvaaVBX X0V1oLSbxAf0Q== To: "linux-kernel@vger.kernel.org" , "linux-fsdevel@vger.kernel.org" From: Simon Ser Reply-To: Simon Ser Subject: Re: procfs: open("/proc/self/fd/...") allows bypassing O_RDONLY Message-ID: <03l0hfZIzD9KwSxSntGcmfFhvbIKiK45poGUhXtR7Qi0Av0-ZnqnSBPAP09GGpSrKGZWZNCTvme_Gpiuz0Bcg6ewDIXSH24SBx_tvfyZSWU=@emersion.fr> In-Reply-To: References: Feedback-ID: 1358184:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-0.2 required=5.0 tests=BAYES_40,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thursday, May 12th, 2022 at 12:37, Simon Ser wrote= : > what would be a good way to share a FD to another > process without allowing it to write to the underlying file? (I'm reminded that memfd + seals exist for this purpose. Still, I'd be interested to know whether that O_RDONLY/O_RDWR behavior is intended, because it's pretty surprising. The motivation for using O_RDONLY over memfd seals is that it isn't Linux-specific.)