WIP SLOP use descriptors to avoid TOCTOU for canonicalising file system meta data #15120
Draft
Ericson2314 wants to merge 2 commits into NixOS:master from
Linux, macOS, and all 3 BSDs have it (according to man page google search), so let's just drop this. Support for not having it was added in d03f0d4 in 2006, things have changed in the last 20 years!
…em meta data

This should not happen now, but instead happen after

- NixOS#15119
- NixOS#15060
- Sergei's upcoming new `Descriptor`-based `SourceAccessor`

I suspect what we'll want to do is expose that source accessor after all, so we can have some extra methods to get at the underlying file descriptors.

(Or, conversely, maybe this won't be necessary, because enough of the underlying logic will be factored into `file-descriptor.hh` functions that the `SourceAccessor` itself will be a small wrapper.)

Either way, at that point we'll not be duplicating stuff here, nor will be lacking a foundation on Windows, and we can then finish the job.
2b4af0a to 288b77e
Motivation

I suppose we should have a big issue for all the no TOCTOU, yes `Descriptor` work, to link here.

Context

This should not happen now, but instead happen after

- `CanonicalizePathMetadataOptions` for `canonicalisePathMetaData` #15119
- `readLinkAt` and `openFileEnsureBeneathNoSymlinks` on Windows too #15060
- `Descriptor`-based `SourceAccessor`

I suspect what we'll want to do is expose that source accessor after all, so we can have some extra methods to get at the underlying file descriptors.

(Or, conversely, maybe this won't be necessary, because enough of the underlying logic will be factored into `file-descriptor.hh` functions that the `SourceAccessor` itself will be a small wrapper.)

Either way, at that point we'll not be duplicating stuff here, nor will be lacking a foundation on Windows, and we can then finish the job.
Add 👍 to pull requests you find important.
The Nix maintainer team uses a GitHub project board to schedule and track reviews.