libutil/file-descriptor: Add safer utilities for opening files relati…#14636
Merged
Ericson2314 merged 2 commits intomasterfrom Nov 25, 2025
Merged
libutil/file-descriptor: Add safer utilities for opening files relati…#14636Ericson2314 merged 2 commits intomasterfrom
Ericson2314 merged 2 commits intomasterfrom
Conversation
Mic92
approved these changes
Nov 24, 2025
Ericson2314
reviewed
Nov 24, 2025
Ericson2314
reviewed
Nov 24, 2025
Ericson2314
reviewed
Nov 24, 2025
| { | ||
| CanonPath path; | ||
|
|
||
| SymlinkNotAllowed(CanonPath path) |
Member
There was a problem hiding this comment.
N.B. we might want to reuse this for other things, in future PR.
…ve to dirFd Implements a safe no symlink following primitive operation for opening file descriptors. This is unix-only for the time being, since windows doesn't really suffer from symlink races, since they are admin-only. Tested with enosys --syscall openat2 as well.
xokdvium
force-pushed
the
openat2-wrapper
branch
from
421d804 to
77990e7
Compare
Ericson2314
approved these changes
Nov 24, 2025
…rectory Starts using the new function.
Ericson2314
approved these changes
Nov 24, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
…ve to dirFd
Motivation
Implements a safe no symlink following primitive operation for opening file descriptors. This is unix-only for the time being, since windows doesn't really suffer from symlink races, since they are admin-only.
Tested with enosys --syscall openat2 as well.
Context
Add 👍 to pull requests you find important.
The Nix maintainer team uses a GitHub project board to schedule and track reviews.