From: Mark Wooding Date: Sun, 18 Jan 2015 04:11:53 +0000 (+0000) Subject: policy.c, yaid.h: Discuss `open_policy_file' and filesystem object types. X-Git-Tag: 1.0.3~7 X-Git-Url: https://git.distorted.org.uk/~mdw/yaid/commitdiff_plain/7164a50bc1ca3d89c18d42b788ccbd8ba0e38a30 policy.c, yaid.h: Discuss `open_policy_file' and filesystem object types. --- diff --git a/policy.c b/policy.c index 9a9e2e2..9cb9af9 100644 --- a/policy.c +++ b/policy.c @@ -441,6 +441,11 @@ fail: /* Open a policy file by NAME. The description WHAT and query Q are used for * formatting error messages for the log. + * + * This function is somewhat careful only to read from actual regular files, + * though (if the filesystem object identified by NAME is a symlink, say) it + * might open a device node or other exotic thing without reading it. This + * is likely harmless, since we're running as an unprivileged user anyway. */ int open_policy_file(struct policy_file *pf, const char *name, const char *what, const struct query *q, unsigned f) diff --git a/yaid.h b/yaid.h index 0f4efd8..15f26bf 100644 --- a/yaid.h +++ b/yaid.h @@ -348,6 +348,11 @@ struct policy_file { /* Open a policy file by NAME. The description WHAT and query Q are used for * formatting error messages for the log. + * + * This function is somewhat careful only to read from actual regular files, + * though (if the filesystem object identified by NAME is a symlink, say) it + * might open a device node or other exotic thing without reading it. This + * is likely harmless, since we're running as an unprivileged user anyway. */ extern int open_policy_file(struct policy_file */*pf*/, const char */*name*/, const char */*what*/, const struct query */*q*/,
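Review bot: in the policy.c hunk, the last added sentence ("This is likely harmless, since we're running as an unprivileged user anyway") covers only the privilege side of opening a non-regular object. The comment itself concedes that the open happens before the object type is known to be regular, and an open can matter without any read: a FIFO with no writer can block the caller, and some device nodes act on open. Running unprivileged does not change either. Suggest the comment say how the open is made safe against that (for example, whether it is non-blocking), or list blocking as a known limitation next to "without reading it".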
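Review bot: in the yaid.h hunk, the added paragraph tells a caller that the function is "somewhat careful only to read from actual regular files" but not what the caller sees when NAME turns out to be something else. This is the caller-facing copy of the comment, and as shown it describes NAME, WHAT and Q only; PF, F and the int return value are not covered. Suggest adding one sentence on the outcome for a non-regular object (what is returned and whether it is logged using WHAT and Q), and documenting F and the return value while the comment is being touched.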