提交 41a9ba25 编写于 作者: R Rich Felker

remove O_NOFOLLOW from __map_file used for time zone file loading

it's not clear why I originally wrote O_NOFOLLOW into this; I suspect
the reason was with an aim of making the function more general for
mapping partially or fully untrusted files provided by the user.
however, the timezone code already precludes use of absolute or
relative pathnames in suid/sgid programs, and disallows .. in
pathnames which are relative to one of the system timezone locations,
so there is no threat of opening a symlink which is not trusted by
appropriate user. since some users may wish to put symbolic links in
the zoneinfo directories to alias timezones, it seems preferable to
allow this.
上级 1d0d2df6
...@@ -9,7 +9,7 @@ const char unsigned *__map_file(const char *pathname, size_t *size) ...@@ -9,7 +9,7 @@ const char unsigned *__map_file(const char *pathname, size_t *size)
{ {
struct stat st; struct stat st;
const unsigned char *map = MAP_FAILED; const unsigned char *map = MAP_FAILED;
int flags = O_RDONLY|O_LARGEFILE|O_CLOEXEC|O_NOFOLLOW|O_NONBLOCK; int flags = O_RDONLY|O_LARGEFILE|O_CLOEXEC|O_NONBLOCK;
int fd = __syscall(SYS_open, pathname, flags); int fd = __syscall(SYS_open, pathname, flags);
if (fd < 0) return 0; if (fd < 0) return 0;
if (!__syscall(SYS_fstat, fd, &st)) if (!__syscall(SYS_fstat, fd, &st))
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册