Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
tokio
A runtime for writing reliable asynchronous applications with Rust. Provides I/O, networking, scheduling, timers, ...
> It's admiring how quickly they fix these
This is a weird comment, especially on this fix. The bug was reported back in 2018. See https://github.com/rust-lang/rust/issues/48504
From the linked blog post:
We also want to thank Florian Weimer for reviewing the UNIX-like fix and for
In C++, any concurrent filesystem access is undefined behavior (which seems pretty crazy to me)
https://en.cppreference.com/w/cpp/filesystem
> The behavior is undefined if the calls to functions in this library introduce a file system race, that is, when multiple threads, processes, or computers interleave access and modification to the same object in a file system.
---
Golang also seems vulnerable to the same issue
https://github.com/golang/go/blob/d15481b8c7f5f73a8b987a0c1d...
Line 78 calls stat correctly with NOFOLLOW. Then line 97 calls openFdAt which on line 174 opens the path by name, without NOFOLLOW.
I bet this is a pretty common vulnerability.
This relates to the fact that there's some talk going on in the Rust community to extend lifetime checks to domains outside of memory safety (like filesystems).
Here's an RFC that tries to extend lifetimes to file handles: https://github.com/rust-lang/rfcs/blob/master/text/3128-io-s...