summaryrefslogtreecommitdiff
path: root/internal/fusefrontend
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-11-30 19:40:53 +0100
committerJakob Unterwurzacher2017-11-30 19:40:53 +0100
commite97c23e08383666117523cf3145f1213b41c2489 (patch)
tree19e93878a9f87e41d4704325d4f01c44c464214b /internal/fusefrontend
parent22282aefe6f4da0257ea8f568aa4369ad15ce5f9 (diff)
syscallcompat: check that we get NOFOLLOW wherever possible
...and fix the instances where the AT_SYMLINK_NOFOLLOW / O_NOFOLLOW / O_EXCL flag was missing.
Diffstat (limited to 'internal/fusefrontend')
-rw-r--r--internal/fusefrontend/fs.go4
-rw-r--r--internal/fusefrontend/fs_dir.go4
2 files changed, 4 insertions, 4 deletions
diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go
index d6467f9..cc055c7 100644
--- a/internal/fusefrontend/fs.go
+++ b/internal/fusefrontend/fs.go
@@ -211,7 +211,7 @@ func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Conte
// Create content
var fdRaw int
- fdRaw, err = syscallcompat.Openat(int(dirfd.Fd()), cName, newFlags|os.O_CREATE, mode)
+ fdRaw, err = syscallcompat.Openat(int(dirfd.Fd()), cName, newFlags|os.O_CREATE|os.O_EXCL, mode)
if err != nil {
nametransform.DeleteLongName(dirfd, cName)
return nil, fuse.ToStatus(err)
@@ -219,7 +219,7 @@ func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Conte
fd = os.NewFile(uintptr(fdRaw), cName)
} else {
// Normal (short) file name
- fd, err = os.OpenFile(cPath, newFlags|os.O_CREATE, os.FileMode(mode))
+ fd, err = os.OpenFile(cPath, newFlags|os.O_CREATE|os.O_EXCL, os.FileMode(mode))
if err != nil {
return nil, fuse.ToStatus(err)
}
diff --git a/internal/fusefrontend/fs_dir.go b/internal/fusefrontend/fs_dir.go
index 4ffaaff..5cc269b 100644
--- a/internal/fusefrontend/fs_dir.go
+++ b/internal/fusefrontend/fs_dir.go
@@ -146,7 +146,7 @@ func (fs *FS) Rmdir(path string, context *fuse.Context) (code fuse.Status) {
cName := filepath.Base(cPath)
dirfdRaw, err := syscallcompat.Openat(int(parentDirFd.Fd()), cName,
- syscall.O_RDONLY, 0)
+ syscall.O_RDONLY|syscall.O_NOFOLLOW, 0)
if err == syscall.EACCES {
// We need permission to read and modify the directory
tlog.Debug.Printf("Rmdir: handling EACCESS")
@@ -168,7 +168,7 @@ func (fs *FS) Rmdir(path string, context *fuse.Context) (code fuse.Status) {
var st syscall.Stat_t
syscall.Lstat(cPath, &st)
dirfdRaw, err = syscallcompat.Openat(int(parentDirFd.Fd()), cName,
- syscall.O_RDONLY, 0)
+ syscall.O_RDONLY|syscall.O_NOFOLLOW, 0)
// Undo the chmod if removing the directory failed
defer func() {
if code != fuse.OK {