Mercurial > hg > nginx
comparison src/core/ngx_open_file_cache.h @ 4477:7033faf6dc3c
Added disable_symlinks directive.
To completely disable symlinks (disable_symlinks on)
we use openat(O_NOFOLLOW) for each path component
to avoid races.
To allow symlinks with the same owner (disable_symlinks if_not_owner),
use openat() (followed by fstat()) and fstatat(AT_SYMLINK_NOFOLLOW),
and then compare uids between fstat() and fstatat().
As there is a race between openat() and fstatat() we don't
know if openat() in fact opened symlink or not. Therefore,
we have to compare uids even if fstatat() reports the opened
component isn't a symlink (as we don't know whether it was
symlink during openat() or not).
Default value is off, i.e. symlinks are allowed.
| author | Andrey Belov <defan@nginx.com> |
|---|---|
| date | Mon, 13 Feb 2012 16:29:04 +0000 |
| parents | d620f497c50f |
| children | 47ece8818978 |
comparison
equal
deleted
inserted
replaced
| 4476:94ef9d25ec5b | 4477:7033faf6dc3c |
|---|---|
| 30 | 30 |
| 31 time_t valid; | 31 time_t valid; |
| 32 | 32 |
| 33 ngx_uint_t min_uses; | 33 ngx_uint_t min_uses; |
| 34 | 34 |
| 35 #if (NGX_HAVE_OPENAT) | |
| 36 unsigned disable_symlinks:2; | |
| 37 #endif | |
| 38 | |
| 35 unsigned test_dir:1; | 39 unsigned test_dir:1; |
| 36 unsigned test_only:1; | 40 unsigned test_only:1; |
| 37 unsigned log:1; | 41 unsigned log:1; |
| 38 unsigned errors:1; | 42 unsigned errors:1; |
| 39 unsigned events:1; | 43 unsigned events:1; |
| 61 time_t mtime; | 65 time_t mtime; |
| 62 off_t size; | 66 off_t size; |
| 63 ngx_err_t err; | 67 ngx_err_t err; |
| 64 | 68 |
| 65 uint32_t uses; | 69 uint32_t uses; |
| 70 | |
| 71 #if (NGX_HAVE_OPENAT) | |
| 72 unsigned disable_symlinks:2; | |
| 73 #endif | |
| 66 | 74 |
| 67 unsigned count:24; | 75 unsigned count:24; |
| 68 unsigned close:1; | 76 unsigned close:1; |
| 69 unsigned use_event:1; | 77 unsigned use_event:1; |
| 70 | 78 |