[Bug 2721] Improve SFTP server to make remove always work on ZFS/Btrfs

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed May 24 16:10:00 AEST 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2721

--- Comment #2 from Stefan Walter <walteste at inf.ethz.ch> ---
Checking for symbolic link and hard link count should be part of the
process. The logic should be something like this:

if unlink() fails with EDQUOT or ENOSPC
  stat file
  if not symbolic link and hard link count is 1
    open for r/w (implicit truncate) and close
    unlink again

or, more complex and safe:

if unlink() fails with EDQUOT or ENOSPC
  stat file
  if not symbolic link and hard link count is 1
    open for append
    obtain exclusive lock on file handle
    stat file again
    if still the same file (inode, owner, mode, etc. are the same)
      truncate
      unlink again
    unlock and close

The question of course is, can a malicious user on the system exploit
any race conditions in this process.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list