From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.org/gmane.linux.lib.musl.general/2839
Path: news.gmane.org!not-for-mail
From: Rich Felker <dalias@aerifal.cx>
Newsgroups: gmane.comp.lib.glibc.alpha,gmane.linux.lib.musl.general
Subject: Re: O_EXEC and O_SEARCH
Date: Sat, 23 Feb 2013 00:03:24 -0500
Message-ID: <20130223050323.GW20323@brightrain.aerifal.cx>
References: <20130222004540.GA8836@brightrain.aerifal.cx>
 <CAHGf_=p1XsUTR2MfffTTR6dGHRN5f44WFWCRvLoaz9VJyCT2DA@mail.gmail.com>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: ger.gmane.org 1361595821 992 80.91.229.3 (23 Feb 2013 05:03:41 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Sat, 23 Feb 2013 05:03:41 +0000 (UTC)
Cc: libc-alpha <libc-alpha@sourceware.org>, musl@lists.openwall.com
To: KOSAKI Motohiro <kosaki.motohiro@gmail.com>
Original-X-From: libc-alpha-return-37220-glibc-alpha=m.gmane.org@sourceware.org Sat Feb 23 06:04:03 2013
Return-path: <libc-alpha-return-37220-glibc-alpha=m.gmane.org@sourceware.org>
Envelope-to: glibc-alpha@plane.gmane.org
Original-Received: from server1.sourceware.org ([209.132.180.131] helo=sourceware.org)
	by plane.gmane.org with smtp (Exim 4.69)
	(envelope-from <libc-alpha-return-37220-glibc-alpha=m.gmane.org@sourceware.org>)
	id 1U97HF-0006iw-9A
	for glibc-alpha@plane.gmane.org; Sat, 23 Feb 2013 06:04:01 +0100
Comment: DKIM? See http://www.dkim.org
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed;
	d=sourceware.org; s=default; x=1362200621; h=Comment:
	DomainKey-Signature:Received:Received:Date:To:Cc:Subject:
	Message-ID:References:MIME-Version:Content-Type:
	Content-Disposition:In-Reply-To:User-Agent:From:Mailing-List:
	Precedence:List-Id:List-Unsubscribe:List-Subscribe:List-Archive:
	List-Post:List-Help:Sender:Delivered-To; bh=7KMsb1wniwHvBWvpWuc+
	pX1Eaic=; b=FYcVDeSGRShwW8cA275HxJ4Sfd+K+HYD337wEoV3675mRKfJ2Bvn
	Dd+ft737f3/MD9XN7xB7jcdJ1W+maO+Oz9llOFu0gnaxfytQ3P+KPRyIUXrgtN95
	xWGvNi8qcArOTgGTFE/38buy5ikrGsTS1qpts5t/hD/xoFmH8oD0S4s=
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
	s=default; d=sourceware.org;
	h=Received:Received:X-SWARE-Spam-Status:X-Spam-Check-By:Date:To:Cc:Subject:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:User-Agent:From:Mailing-List:Precedence:List-Id:List-Unsubscribe:List-Subscribe:List-Archive:List-Post:List-Help:Sender:Delivered-To;
	b=Vm/4fPFx18A6LLpmPRNBRvHfWMejy3b5VvLQEVYS0Z63aLkbXOvlgEMdrDavH0
	J+KEgU54MRSJnvINYf7TIlWA9bPgAYBktz+0xaSrnHxkpYh4xGEF/tojzzeWGWOH
	4lU6RDbYlmkdTxgK0mtMNVhQ5GDXh51hAYdMvWHFPJNRs=;
Original-Received: (qmail 487 invoked by alias); 23 Feb 2013 05:03:37 -0000
Original-Received: (qmail 473 invoked by uid 22791); 23 Feb 2013 05:03:35 -0000
X-SWARE-Spam-Status: No, hits=0.1 required=5.0
	tests=AWL,BAYES_00,KHOP_DYNAMIC2,RDNS_DYNAMIC,TVD_RCVD_IP
X-Spam-Check-By: sourceware.org
Content-Disposition: inline
In-Reply-To: <CAHGf_=p1XsUTR2MfffTTR6dGHRN5f44WFWCRvLoaz9VJyCT2DA@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Unsubscribe: <mailto:libc-alpha-unsubscribe-glibc-alpha=m.gmane.org@sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Original-Sender: libc-alpha-owner@sourceware.org
Xref: news.gmane.org gmane.comp.lib.glibc.alpha:29556 gmane.linux.lib.musl.general:2839
Archived-At: <http://permalink.gmane.org/gmane.comp.lib.glibc.alpha/29556>

On Fri, Feb 22, 2013 at 11:54:17PM -0500, KOSAKI Motohiro wrote:
> > Right now, we're offering O_EXEC and O_SEARCH in musl libc, defining
> > them as O_PATH. As long as recent Linux is used, this gives nearly
> > correct semantics, except that combined with O_NOFOLLOW they do not
> > fail when the final component is a symbolic link. I believe it's
> > possible to work around this issue on sufficiently modern kernels
> > where fstat works on O_PATH file descriptors, but adding the
> > workaround whenever O_PATH|O_NOFOLLOW is in the flags would change the
> > semantics when O_PATH is used by the caller rather than O_EXEC or
> > O_SEARCH, since the value is equal. I'm not sure this is desirable.
> 
> I have one more question. If I understand correctly, O_NOFOLLOW is
> unspecified in
> POSIX.

Wrong.

> Why do you think the current behavior is not correct?

    O_NOFOLLOW
    If path names a symbolic link, fail and set errno to [ELOOP].

See http://pubs.opengroup.org/onlinepubs/9699919799/functions/open.html

> And, as far as I observed, current linux man pages don't tell us
> O_PATH|O_NOFOLLOW
> behavior. Is this really intentional result? How do you confirmed?

Yes, it seems intentional. O_PATH without O_NOFOLLOW would resolve the
symbolic link and open a file descriptor referring to the target
inode. O_PATH|O_NOFOLLOW opens a file descriptor to the symbolic link
inode itself. As far as I can see, this behavior is desirable and
intentional with O_PATH but wrong for O_SEARCH or O_EXEC.

Rich