summaryrefslogtreecommitdiff
path: root/internal/fusefrontend_reverse/rfs.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-12-07 00:08:10 +0100
committerJakob Unterwurzacher2017-12-07 00:11:35 +0100
commit87736eb833dfcf3f110dbd8846752c86aae7b481 (patch)
treed36b4048d5e30062edd1712daee1d37f02efdc62 /internal/fusefrontend_reverse/rfs.go
parent2ceef01afecafbd4aa80276869993cb53bdadcf4 (diff)
fusefrontend_reverse: secure Access against symlink races (somewhat)
Unfortunately, faccessat in Linux ignores AT_SYMLINK_NOFOLLOW, so this is not completely atomic. Given that the information you get from access is not very interesting, it seems good enough. https://github.com/rfjakob/gocryptfs/issues/165
Diffstat (limited to 'internal/fusefrontend_reverse/rfs.go')
-rw-r--r--internal/fusefrontend_reverse/rfs.go9
1 files changed, 7 insertions, 2 deletions
diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go
index db10ce0..d87a936 100644
--- a/internal/fusefrontend_reverse/rfs.go
+++ b/internal/fusefrontend_reverse/rfs.go
@@ -201,11 +201,16 @@ func (rfs *ReverseFS) Access(relPath string, mode uint32, context *fuse.Context)
}
return fuse.EPERM
}
- absPath, err := rfs.abs(rfs.decryptPath(relPath))
+ dirfd, name, err := rfs.openBackingDir(relPath)
if err != nil {
return fuse.ToStatus(err)
}
- return fuse.ToStatus(syscall.Access(absPath, mode))
+ err = syscallcompat.Faccessat(dirfd, name, mode)
+ if err != nil {
+ fmt.Printf("name=%q err=%v", name, err)
+ }
+ syscall.Close(dirfd)
+ return fuse.ToStatus(err)
}
// Open - FUSE call