Re: [Libguestfs] [PATCH 03/27] daemon: Reimplement ‘file’ API in OCaml.
On Thursday, 20 July 2017 09:54:51 CEST Richard W.M. Jones wrote:
On Wed, Jul 19, 2017 at 03:14:48PM +0200, Pino Toscano wrote:
> > +
> > + let statbuf = Chroot.f chroot lstat path in
>
> Hm is chroot needed for this? The current C implementation does not
> use CHROOT_IN/OUT, and it does not even resolve symlinks, so it should
> be safe.
The implementation is different, but I think it's equivalent and safe.
The ‘Chroot’ module is a significant enhancement over the C CHROOT_*
hacks and over the cases where the C code should be doing a chroot but
doesn't even bother.
Yes, I understand that Chroot is better, although my point here is that
it should not be needed, like CHROOT_* was not needed before either.
In the end the code is just stat'ing a file, without resolving it in
case it is a symlink, so not using Chroot should be still safe.
--
Pino Toscano
Attachments:
- signature.asc (application/pgp-signature — 819 bytes)