aboutsummaryrefslogtreecommitdiff
path: root/internal/syscallcompat/sys_linux.go
AgeCommit message (Collapse)Author
2017-11-30syscallcompat: check that we get NOFOLLOW wherever possibleJakob Unterwurzacher
...and fix the instances where the AT_SYMLINK_NOFOLLOW / O_NOFOLLOW / O_EXCL flag was missing.
2017-11-29fusefrontend: allow_other: close race between mkdir and chownSebastian Lackner
Fixes the same problem as described in 72b975867a3b9bdf53fc2da62e2ba4a328d7e4ab, except for directories instead of device nodes.
2017-11-29fusefrontend: Use Fchmodat to implement ChmodSebastian Lackner
2017-11-29syscallcompat: Introduce unlinkat syscall with flags argumentSebastian Lackner
2017-11-28fusefrontend: Use the Symlinkat syscall for longname handlingSebastian Lackner
2017-11-27fusefronted: allow_other: close race between mknod and chownJakob Unterwurzacher
If the user manages to replace the directory with a symlink at just the right time, we could be tricked into chown'ing the wrong file. This change fixes the race by using fchownat, which unfortunately is not available on darwin, hence a compat wrapper is added. Scenario, as described by @slackner at https://github.com/rfjakob/gocryptfs/issues/177 : 1. Create a forward mount point with `plaintextnames` enabled 2. Mount as root user with `allow_other` 3. For testing purposes create a file `/tmp/file_owned_by_root` which is owned by the root user 4. As a regular user run inside of the GoCryptFS mount: ``` mkdir tempdir mknod tempdir/file_owned_by_root p & mv tempdir tempdir2 ln -s /tmp tempdir ``` When the steps are done fast enough and in the right order (run in a loop!), the device file will be created in `tempdir`, but the `lchown` will be executed by following the symlink. As a result, the ownership of the file located at `/tmp/file_owned_by_root` will be changed.
2017-06-18main, syscallcompat: use Dup3 instead of Dup2Jakob Unterwurzacher
Dup2 is not implemented on linux/arm64. Fixes https://github.com/rfjakob/gocryptfs/issues/121 . Also adds cross-compilation to CI.
2016-10-04A few more lint fixesJakob Unterwurzacher
2016-10-04lint fixesValient Gough
2016-07-06Add godoc comments to all internal packagesJakob Unterwurzacher
2016-07-03syscallcompat: OSX: add Mknodat wrapperJakob Unterwurzacher
Protip: find naked *at syscalls using: git grep "syscall." | grep "at(" | grep -v syscallcompat
2016-07-03syscallcompat: OSX: add Unlinkat wrapperJakob Unterwurzacher
Also, replace remaining naked syscall.Openat calls.
2016-07-03syscallcompat: OSX: add Renamat wrapperJakob Unterwurzacher
Adds a poor man's renameat implementation for OSX.
2016-07-03syscallcompat: OSX: add Fallocate and Openat wrappersJakob Unterwurzacher
...and convert all calls to syscall.{Fallocate,Openat} to syscallcompat . Both syscalls are not available on OSX. We emulate Openat and just return EOPNOTSUPP for Fallocate.
2016-07-03syscallcompat: move syscall wrapper to their own packageJakob Unterwurzacher
We will get more of them as OSX also lacks support for openat.