Re: open("foo", 3)

[Steven Rostedt]

On Sat, 2005-08-20 at 10:30 -0700, Linus Torvalds wrote:
> 
> On Sat, 20 Aug 2005, Miklos Szeredi wrote:
> > 
> > My question is: is this deliberate or accidental?  Wouldn't it be more
> > logical to not require any permission to open such file?  Or is there
> > some security concern with that?
> 
> It's deliberate but historical. It's been a long time since I worked on
> it, but it was meant for "special opens".
> 
> I _think_ it was used for things like "open block device without media
> check" etc (we use O_NONBLOCK for that now), and it was used for directory
> opens before we had O_DIRECTORY. (It's literally been years, so my 
> recollection may be bogus).
> 
> I don't think anything uses it any more, and it should probably be 
> deprecated rather than extended upon.

It may also be dangerous, since I see several drivers using 

if ((filp->f_flags & O_ACCMODE) != RD_ONLY) {
  /* do something assuming we have write access */
   ...
}


Perhaps that access mode may not allow for getting to code like this,
but, since it's so old, you may have those that forget about the 3 mode,
and we lose the protection somewhere along the line.

It probably be better to not allow for it.  Or maybe an audit of such
code needs to be replaced with:

if (filp->f_mode & FMODE_WRITE) {
  ...
}

Just my $0.02

-- Steve



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/