From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <glibc-bugs-return-19188-listarch-glibc-bugs=sources.redhat.com@sourceware.org>
Received: (qmail 3598 invoked by alias); 20 Jul 2013 20:40:15 -0000
Mailing-List: contact glibc-bugs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <glibc-bugs.sourceware.org>
List-Subscribe: <mailto:glibc-bugs-subscribe@sourceware.org>
List-Post: <mailto:glibc-bugs@sourceware.org>
List-Help: <mailto:glibc-bugs-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: glibc-bugs-owner@sourceware.org
Received: (qmail 1188 invoked by uid 48); 20 Jul 2013 20:38:13 -0000
From: "corbellini.andrea at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: glibc-bugs@sourceware.org
Subject: [Bug libc/15763] shm_open/unlink let you write outside SHMDIR
Date: Sat, 20 Jul 2013 20:40:00 -0000
X-Bugzilla-Reason: CC
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: glibc
X-Bugzilla-Component: libc
X-Bugzilla-Version: 2.18
X-Bugzilla-Keywords:
X-Bugzilla-Severity: normal
X-Bugzilla-Who: corbellini.andrea at gmail dot com
X-Bugzilla-Status: NEW
X-Bugzilla-Priority: P2
X-Bugzilla-Assigned-To: unassigned at sourceware dot org
X-Bugzilla-Target-Milestone: ---
X-Bugzilla-Flags:
X-Bugzilla-Changed-Fields:
Message-ID: <bug-15763-131-DPBSmkSb8x@http.sourceware.org/bugzilla/>
In-Reply-To: <bug-15763-131@http.sourceware.org/bugzilla/>
References: <bug-15763-131@http.sourceware.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-Bugzilla-URL: http://sourceware.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-SW-Source: 2013-07/txt/msg00129.txt.bz2

http://sourceware.org/bugzilla/show_bug.cgi?id=15763

--- Comment #4 from Andrea Corbellini <corbellini.andrea at gmail dot com> ---
I agree with you about EISDIR being a bad error number.

I raised the problem of directories because I do have a directory in my
/dev/shm. It's a directory created by Byobu (http://byobu.co/) used as cache.
Byobu is written in Bash, so it's not affected by the behavior of shm_open().
However it shows that the possibility of encountering directories in /dev/shm
is not remote and also shows that such directories aren't created maliciously
(although we might say Byobu is buggy).

Whether it makes sense to create directories in /dev/shm or not, I still think
that shm_open() with O_RDONLY should not open them: otherwise every call to
read() will fail with EISDIR (which, as you noted, is not a good error number).
If we allow shm_open() to return directories, then we are returning broken file
descriptors.

About fstat: you might use it just for O_RDONLY. I think this is a feasible
approach as people expect some delay when accessing resources. Also, fstat
should not be noticeably slow.

-- 
You are receiving this mail because:
You are on the CC list for the bug.