|
|
@@ -3671,11 +3671,15 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
|
|
|
if ((flags & ~(AT_SYMLINK_FOLLOW | AT_EMPTY_PATH)) != 0)
|
|
|
return -EINVAL;
|
|
|
/*
|
|
|
- * Using empty names is equivalent to using AT_SYMLINK_FOLLOW
|
|
|
- * on /proc/self/fd/<fd>.
|
|
|
+ * To use null names we require CAP_DAC_READ_SEARCH
|
|
|
+ * This ensures that not everyone will be able to create
|
|
|
+ * handlink using the passed filedescriptor.
|
|
|
*/
|
|
|
- if (flags & AT_EMPTY_PATH)
|
|
|
+ if (flags & AT_EMPTY_PATH) {
|
|
|
+ if (!capable(CAP_DAC_READ_SEARCH))
|
|
|
+ return -ENOENT;
|
|
|
how = LOOKUP_EMPTY;
|
|
|
+ }
|
|
|
|
|
|
if (flags & AT_SYMLINK_FOLLOW)
|
|
|
how |= LOOKUP_FOLLOW;
|
Linus Torvalds