From 316b916358b8830b53fec9e16b325735aa850b14 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sat, 2 Dec 2017 21:01:47 +0100
Subject: fusefrontend_reverse: secure Open against symlink races

...using the new syscallcompat.OpenNofollow helper.

This change secures Open() against symlink race attacks
as described in https://github.com/rfjakob/gocryptfs/issues/165
---
 internal/fusefrontend_reverse/rfs.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'internal/fusefrontend_reverse/rfs.go')

diff --git a/internal/fusefrontend_reverse/rfs.go b/internal/fusefrontend_reverse/rfs.go
index 8afc270..09ebe9e 100644
--- a/internal/fusefrontend_reverse/rfs.go
+++ b/internal/fusefrontend_reverse/rfs.go
@@ -218,7 +218,7 @@ func (rfs *ReverseFS) Open(relPath string, flags uint32, context *fuse.Context)
 	if rfs.isNameFile(relPath) {
 		return rfs.newNameFile(relPath)
 	}
-	return rfs.newFile(relPath, flags)
+	return rfs.newFile(relPath)
 }
 
 func (rfs *ReverseFS) openDirPlaintextnames(relPath string, entries []fuse.DirEntry) ([]fuse.DirEntry, fuse.Status) {
-- 
cgit v1.2.3