From e97c23e08383666117523cf3145f1213b41c2489 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Thu, 30 Nov 2017 19:40:53 +0100
Subject: syscallcompat: check that we get NOFOLLOW wherever possible

...and fix the instances where the AT_SYMLINK_NOFOLLOW /
O_NOFOLLOW / O_EXCL flag was missing.
---
 internal/fusefrontend/fs.go     | 4 ++--
 internal/fusefrontend/fs_dir.go | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'internal/fusefrontend')

diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go
index d6467f9..cc055c7 100644
--- a/internal/fusefrontend/fs.go
+++ b/internal/fusefrontend/fs.go
@@ -211,7 +211,7 @@ func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Conte
 
 		// Create content
 		var fdRaw int
-		fdRaw, err = syscallcompat.Openat(int(dirfd.Fd()), cName, newFlags|os.O_CREATE, mode)
+		fdRaw, err = syscallcompat.Openat(int(dirfd.Fd()), cName, newFlags|os.O_CREATE|os.O_EXCL, mode)
 		if err != nil {
 			nametransform.DeleteLongName(dirfd, cName)
 			return nil, fuse.ToStatus(err)
@@ -219,7 +219,7 @@ func (fs *FS) Create(path string, flags uint32, mode uint32, context *fuse.Conte
 		fd = os.NewFile(uintptr(fdRaw), cName)
 	} else {
 		// Normal (short) file name
-		fd, err = os.OpenFile(cPath, newFlags|os.O_CREATE, os.FileMode(mode))
+		fd, err = os.OpenFile(cPath, newFlags|os.O_CREATE|os.O_EXCL, os.FileMode(mode))
 		if err != nil {
 			return nil, fuse.ToStatus(err)
 		}
diff --git a/internal/fusefrontend/fs_dir.go b/internal/fusefrontend/fs_dir.go
index 4ffaaff..5cc269b 100644
--- a/internal/fusefrontend/fs_dir.go
+++ b/internal/fusefrontend/fs_dir.go
@@ -146,7 +146,7 @@ func (fs *FS) Rmdir(path string, context *fuse.Context) (code fuse.Status) {
 
 	cName := filepath.Base(cPath)
 	dirfdRaw, err := syscallcompat.Openat(int(parentDirFd.Fd()), cName,
-		syscall.O_RDONLY, 0)
+		syscall.O_RDONLY|syscall.O_NOFOLLOW, 0)
 	if err == syscall.EACCES {
 		// We need permission to read and modify the directory
 		tlog.Debug.Printf("Rmdir: handling EACCESS")
@@ -168,7 +168,7 @@ func (fs *FS) Rmdir(path string, context *fuse.Context) (code fuse.Status) {
 		var st syscall.Stat_t
 		syscall.Lstat(cPath, &st)
 		dirfdRaw, err = syscallcompat.Openat(int(parentDirFd.Fd()), cName,
-			syscall.O_RDONLY, 0)
+			syscall.O_RDONLY|syscall.O_NOFOLLOW, 0)
 		// Undo the chmod if removing the directory failed
 		defer func() {
 			if code != fuse.OK {
-- 
cgit v1.2.3