Timestamp:
Nov 30, 2013, 12:05:22 AM (7 years ago)
Author:
cal@…
Message:

darwintrace: Don't always follow symlinks

Only follow symlinks in darwintrace_is_in_sandbox() when the DT_FOLLOWSYMS
flag is set. This has the following advantages:

  • lstat(2) and readlink(2) work on symlinks that point to files outside of the sandbox (previously, these attempts would have returned ENOENT).
  • readdir(3) is a lot faster again, because it doesn't have to lstat(2) and possibly readlink(2) every file in a loop.
File:
1 edited

  • trunk/base/src/darwintracelib1.0/darwintrace.h

    r114095 r114131  
    6767
    6868enum {
    69         DT_REPORT   = 1 << 0,
    70         DT_ALLOWDIR = 1 << 1
     69        DT_REPORT     = 1 << 0,
     70        DT_ALLOWDIR   = 1 << 1,
     71        DT_FOLLOWSYMS = 1 << 2
    7172};
    7273
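Review bot: DT_FOLLOWSYMS in this enum is opt-in, so any caller of darwintrace_is_in_sandbox() that passes only DT_REPORT or DT_ALLOWDIR now skips the link-target check that previously ran on every call. This changeset edits only darwintrace.h, so the call sites are not visible here; please confirm that every wrapper that reads file contents or attributes through a link passes the new flag, or consider inverting the polarity (a flag that disables following) so that a forgotten flag fails closed. Minor: realigning DT_REPORT and DT_ALLOWDIR makes the diff touch two lines whose values did not change.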
     
    105106 *                    read operations such as stat(2), omit this for operations
    106107 *                    that modify directories like rmdir(2) and mkdir(2).
     108 *                  - DT_FOLLOWSYMS: Check for and expand symlinks, while
     109 *                    checking both the link name and the link target against
     110 *                    the sandbox. Set this for all operations that read file
     111 *                    contents or check file attributes. Omit this flag for
     112 *                    operations that only list the file (or rather symlink)
     113 *                    name.
    107114 * \return \c true if the file is within sandbox bounds, \c false if access
    108115 *         should be denied
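Review bot: The new DT_FOLLOWSYMS text says to set the flag for operations that "check file attributes", which reads as if it covers lstat(2), yet the commit message names lstat(2) and readlink(2) as the calls that should now succeed without following the link. Suggest stating explicitly that calls acting on the link itself (lstat(2), readlink(2), directory listing) omit the flag, while calls that resolve the link (such as stat(2)) set it. It would also help to spell out the result when the link name is inside the sandbox and the target is not, since "checking both the link name and the link target" does not say whether one failing check is enough to deny.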