# HG changeset patch
# User Valentin Bartenev
# Date 1329836681 0
# Node ID a786c85e826867efa1486c64997b087a7be79dea
# Parent a996bb40a0bb6b11db7c697e604fc8ccf1e26d00
Disable symlinks: don't allow creating or truncating a file via a symlink in the last path component if "if_not_owner" parameter is used. To prevent race condition we have to open a file before checking its owner and there's no way to change access flags for already opened file descriptor, so we disable symlinks for the last path component at all if flags allow creating or truncating the file.
diff --git a/src/core/ngx_open_file_cache.c b/src/core/ngx_open_file_cache.c
--- a/src/core/ngx_open_file_cache.c
+++ b/src/core/ngx_open_file_cache.c
@@ -678,7 +678,9 @@ ngx_open_file_wrapper(ngx_str_t *name, n
 goto failed;
 }
- if (of->disable_symlinks == NGX_DISABLE_SYMLINKS_NOTOWNER) {
+ if (of->disable_symlinks == NGX_DISABLE_SYMLINKS_NOTOWNER
+ && !(create & (NGX_FILE_CREATE_OR_OPEN|NGX_FILE_TRUNCATE)))
+ {
 fd = ngx_openat_file_owner(at_fd, p, mode, create, access, log);
 } else {
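Review bot: The widened condition in ngx_open_file_wrapper has no comment saying why NGX_DISABLE_SYMLINKS_NOTOWNER skips ngx_openat_file_owner() when `create` carries NGX_FILE_CREATE_OR_OPEN or NGX_FILE_TRUNCATE. The reason is recorded only in the commit message, so a later cleanup could drop the extra test and reopen the hole. I would put this above the `if`: `/* create/truncate take effect inside open(), before the owner of the target can be compared, so never follow a symlink in the last component for such opens */`. The `else` branch starts at the last line of the hunk and its body is not visible, so it is assumed rather than confirmed here that it opens the last component without following symlinks; the fix depends on that, and it deserves a test that creates and truncates through a symlink in if_not_owner mode. Because if_not_owner now silently behaves like the strict mode for these opens, the directive documentation should say so as well.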