Open Bug 1673771 Opened 4 years ago Updated 4 years ago

Sandboxing will need to support a subset of `statx`

Categories

(Core :: Security: Process Sandboxing, defect, P5)

x86
Linux
defect

Tracking

()

People

(Reporter: jld, Unassigned)

References

Details

The relatively new system call statx seems to be the only way for 32-bit platforms to get 64-bit timestamps for files, either by path (stat/lstat) or file descriptor (fstat). Its interface is basically an extension of fstatat, complete with AT_EMPTY_PATH and its problems (see the last two paragraphs of bug 1673202 comment #2).

If I understand correctly, glibc will still fall back to fstatat (which we handle) if statx fails with ENOSYS (which it does, in our sandboxes); this obviously doesn't handle post-2038 dates, but if that's the only problem, this may not be urgent for us.

Severity: -- → S4
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.