summaryrefslogtreecommitdiff
path: root/internal
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-12-05 23:11:46 +0100
committerJakob Unterwurzacher2017-12-05 23:14:12 +0100
commit926cb93b50d6a573dbbef59ff841960b9d824c37 (patch)
treef704dd2ff709215dc3c1f69c6ed0480cc4510b08 /internal
parente604ce6deaf0ba4407c54293a338673ed06f833a (diff)
fusefrontend_reverse: secure OpenDir against symlink races
...by using the new OpenNofollow helper. The benchmark shows a small but acceptable performance loss: $ ./benchmark-reverse.bash LS: 2.182 CAT: 18.221 Tracking ticket: https://github.com/rfjakob/gocryptfs/issues/165
Diffstat (limited to 'internal')
-rw-r--r--internal/fusefrontend_reverse/rfs.go12
1 files changed, 9 insertions, 3 deletions
diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go
index 18468ee..0329cc9 100644
--- a/internal/fusefrontend_reverse/rfs.go
+++ b/internal/fusefrontend_reverse/rfs.go
@@ -17,6 +17,7 @@ import (
"github.com/rfjakob/gocryptfs/internal/fusefrontend"
"github.com/rfjakob/gocryptfs/internal/nametransform"
"github.com/rfjakob/gocryptfs/internal/pathiv"
+ "github.com/rfjakob/gocryptfs/internal/syscallcompat"
"github.com/rfjakob/gocryptfs/internal/tlog"
)
@@ -253,9 +254,14 @@ func (rfs *ReverseFS) OpenDir(cipherPath string, context *fuse.Context) ([]fuse.
return nil, fuse.ToStatus(err)
}
// Read plaintext dir
- entries, status := rfs.loopbackfs.OpenDir(relPath, context)
- if entries == nil {
- return nil, status
+ fd, err := syscallcompat.OpenNofollow(rfs.args.Cipherdir, relPath, syscall.O_RDONLY, 0)
+ if err != nil {
+ return nil, fuse.ToStatus(err)
+ }
+ defer syscall.Close(fd)
+ entries, err := syscallcompat.Getdents(fd)
+ if err != nil {
+ return nil, fuse.ToStatus(err)
}
if rfs.args.PlaintextNames {
return rfs.openDirPlaintextnames(cipherPath, entries)