You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As written, this library has the same problem as the second case. We use the absolute path when creating temporary files instead of the relative path. I believe this can actually be an issue in practice with some jails.
Fixing this on linux is doable with openat and unlinkat. Fixing this on osx is possible using per-thread CWDs (at the cost of two extra syscalls to set/unset the thread-local CWD).
The text was updated successfully, but these errors were encountered:
fs_at is a new crate I created as part of fixing the TOCTOU remove_dir_all inherited from the std::fs::remove_dir_all it was based on years ago; it uses NTCreateFile on windows and openat on unix - my intent for it is to be a medium-level crate: no sophisticated features or policy choices, just convenient access to 'at' style syscalls. If its not suitable for solving this bug, I'd like to know why so I can fix it.
So, unix really is lovely...
As written, this library has the same problem as the second case. We use the absolute path when creating temporary files instead of the relative path. I believe this can actually be an issue in practice with some jails.
Fixing this on linux is doable with
openat
andunlinkat
. Fixing this on osx is possible using per-thread CWDs (at the cost of two extra syscalls to set/unset the thread-local CWD).The text was updated successfully, but these errors were encountered: