Quoth Harald Meland on Sat, Oct 02, 1999:
> As far as I can see, a simple symlink ~/root -> / will still allow
> users creating files anywhere they like (if they have write access).
Yup. A problem, too.
> To fix this, one would have to grind the destination through
> realpath(3) (on systems that have such a thing) and compare the
> resulting fully resolved destination with whatever restrictions there
> are.
BSDI and OpenBSD have realpath(3), but the man page says:
CAVEATS
This implementation of realpath() differs slightly from the Solaris im-
plementation. The 4.4BSD version always returns absolute pathnames,
whereas the Solaris implementation will, under certain circumstances, re-
turn a relative resolved_path when given a relative pathname.
I don't know what OSes have realpath(3). I looked at the BSDI
implementation of realpath(3), and it seems to me that it would
be easy to implement realpath() on top of getcwd(3). Or just
take the BSD implementation.
Vadik.
--
Spelling is a lossed art.
