From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: rob piko Newsgroups: gmane.lisp.guile.devel Subject: Re: [PATCH] Bindings to *at functions & allowing more functions to operate on ports Date: Tue, 4 May 2021 18:58:45 -0400 Message-ID: References: <175c3a6572e832d84927937b309a3095cadf5702.camel@telenet.be> <20210328111732.GC19415@tuxteam.de> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="000000000000dba4cd05c189053d" Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="38888"; mail-complaints-to="usenet@ciao.gmane.io" Cc: Maxime Devos , guile-devel@gnu.org To: tomas@tuxteam.de Original-X-From: guile-devel-bounces+guile-devel=m.gmane-mx.org@gnu.org Wed May 05 00:59:11 2021 Return-path: Envelope-to: guile-devel@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1le40V-000A1r-OQ for guile-devel@m.gmane-mx.org; Wed, 05 May 2021 00:59:11 +0200 Original-Received: from localhost ([::1]:49212 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1le40U-0007q9-Nq for guile-devel@m.gmane-mx.org; Tue, 04 May 2021 18:59:10 -0400 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:59208) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1le40J-0007ph-ND for guile-devel@gnu.org; Tue, 04 May 2021 18:58:59 -0400 Original-Received: from mail-yb1-xb2b.google.com ([2607:f8b0:4864:20::b2b]:36530) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1le40I-0000ZM-8E for guile-devel@gnu.org; Tue, 04 May 2021 18:58:59 -0400 Original-Received: by mail-yb1-xb2b.google.com with SMTP id m9so228276ybm.3 for ; Tue, 04 May 2021 15:58:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=slH/k9YhK9O7BQDJvl64d21GTYWqNE+P6j/OL6D5GvU=; b=UiWcGMOqiS5xHe9CXPF0XQSaXCz5QI6lquukF+uJHxIUnEzR7sm5wPzisdLtLS633M xCVdaUpU3e8DYju/n6FnWhQ8QXWgbLkA+ijwd4ozMjGmoLU58TORyYBflwt8wAcqK8PZ 4DKEx67HHFado8OS+fxWewwd0fBgh8Iy52cHTSHhMFLFhWpAox0ccrU5UU2p1XGFWWob 75fj2VbNJ6Rx7ySHAFcfGCZZovMZJCTVoOqTmtG8jooY0dE9DeumNyLycGQ3W5q92j67 sGwYNO0kH/Ch6bpIxO8axd5CLXn/lPzVx5h2sOQ5vpKPUbTDYKf0kJDPklb76QHhl5e8 5rhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=slH/k9YhK9O7BQDJvl64d21GTYWqNE+P6j/OL6D5GvU=; b=kHiBgeSt0q0sr86Xg4MeCJJULQ0STF1No8A4aSQ9JqmHgi4oHTgEoP8U3ksEj43EJ8 dzK7cN2Nd1pGbQTXEHxe/Voz982gATI8Hu2OQQ5asrhRkfSx8yqd8vNj4qT/TaZl9DhH 1xy6uRa56V6H11swamEKilctjgwFP7YPo5Owfo4Cx40yosLFIk5gNUq8Kgfsw8DivGvc nmy7QUfaFEUpboM7XoYArnTTmuVwgFC3GIdJcmOczv9yJtE7iErphYFLiXuRTF3G2XEh ZdVpNlnq4QOUoXqCZagyjVQPXa/4SZkXF7SNpJFl379yyvRaPeNTuV3RLDn+YRYaE2H0 Pdnw== X-Gm-Message-State: AOAM532Zog6yIQvAdXXwjJhQaPFiOj1EzMWSFqEJSjeLy+O/U5nLVZRa vJZd0b+TIZ7FFyhrsctyDrlmL0rmJ+vfSfaGar0= X-Google-Smtp-Source: ABdhPJxlkCtzVF5RHoJ/YvIyGIxsGT6FLJmdJyF9tEBG7GJCsXqok0+iDwU64lYQHORqSi40gUKtaDBkPS+5RcJ2NzY= X-Received: by 2002:a25:73d3:: with SMTP id o202mr14788614ybc.14.1620169136512; Tue, 04 May 2021 15:58:56 -0700 (PDT) In-Reply-To: <20210328111732.GC19415@tuxteam.de> Received-SPF: pass client-ip=2607:f8b0:4864:20::b2b; envelope-from=kostyarjcnz@gmail.com; helo=mail-yb1-xb2b.google.com X-Spam_score_int: 0 X-Spam_score: -0.1 X-Spam_bar: / X-Spam_report: (-0.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HK_RANDOM_ENVFROM=0.998, HK_RANDOM_FROM=0.998, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: guile-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Developers list for Guile, the GNU extensibility library" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guile-devel-bounces+guile-devel=m.gmane-mx.org@gnu.org Original-Sender: "guile-devel" Xref: news.gmane.io gmane.lisp.guile.devel:20758 Archived-At: --000000000000dba4cd05c189053d Content-Type: text/plain; charset="UTF-8" Hello Maxime, > * Use O_NOFOLLOW to *not* follow the symbolic link. > Patch for adding O_NOFOLLOW to guile: According to the man pages for the O_NOFOLLOW: If the trailing component (i.e., basename) of *pathname* is > a symbolic link, then the open fails, with the error > *ELOOP*. Symbolic links in earlier components of the > pathname will still be followed. > > Sounds like O_NOFOLLOW would not fix the issue if the symlink is found in other parts of the pathname outside of the basename? Regards, Kostyantyn Kovalskyy On Sun, Mar 28, 2021 at 7:18 AM wrote: > On Sat, Mar 27, 2021 at 10:19:20PM +0100, Maxime Devos wrote: > > Hi, > > > > [CC'ing some Guile and Guix maintainers because this is > > important for the security of Guix System.] > > [snipped CC, since my answer is just a thankyou] > > > I want to explain why these patches (and the O_FLAGS (*) > > patch) should be included in Guile [...] > > *THANK YOU* > > This from someone striving to make Guile the "default tool for > around the house". > > Cheers > - t > --000000000000dba4cd05c189053d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello Maxime,

> * Use O_N= OFOLLOW to *not* follow the symbolic link.
>=C2=A0 Patch for adding O_NOFOLLOW to guile:

A= ccording to the man pages for the O_NOFOLLOW:

If the trailing component (i.e., basename)=
 of pathname is
              a symbolic link, then the open fails, with the error
              ELOOP.  Symbolic links in earlier components of the
              pathname will still be followed.

Sounds like O_NOFOLLOW would not fix the issue if the symli= nk is found in other parts of the pathname outside of the basename?

Regards,
Kostyantyn Kovalskyy


On Sun, Mar 28, 2021 at 7:18 AM <tomas@tuxteam.de> wrote:
On Sat, Mar 27, 2021 at 10:19:20PM +0100, Maxime De= vos wrote:
> Hi,
>
> [CC'ing some Guile and Guix maintainers because this is
> important for the security of Guix System.]

[snipped CC, since my answer is just a thankyou]

> I want to explain why these patches (and the O_FLAGS (*)
> patch) should be included in Guile [...]

*THANK YOU*

This from someone striving to make Guile the "default tool for
around the house".

Cheers
=C2=A0- t
--000000000000dba4cd05c189053d--