diff options
| author | Zhidao HONG <z.hong@f5.com> | 2021-04-29 22:04:34 +0800 |
|---|---|---|
| committer | Zhidao HONG <z.hong@f5.com> | 2021-04-29 22:04:34 +0800 |
| commit | 53279af5d44dce2b679399d6a36eb46292928175 (patch) | |
| tree | 973ba2979096f6969d11a8646151034e8a4372fd /auto/files | |
| parent | 113afb09ea7ddeebf2376cf6df3af212705e6128 (diff) | |
| download | unit-53279af5d44dce2b679399d6a36eb46292928175.tar.gz unit-53279af5d44dce2b679399d6a36eb46292928175.tar.bz2 | |
Static: support for openat2() features.
Support for chrooting, rejecting symlinks, and rejecting crossing mounting
points on a per-request basis during static file serving.
Diffstat (limited to '')
| -rw-r--r-- | auto/files | 32 |
1 files changed, 32 insertions, 0 deletions
@@ -49,3 +49,35 @@ nxt_feature_test="#include <fcntl.h> return 0; }" . auto/feature + + +nxt_feature="openat2()" +nxt_feature_name=NXT_HAVE_OPENAT2 +nxt_feature_run= +nxt_feature_incs= +nxt_feature_libs= +nxt_feature_test="#include <fcntl.h> + #include <unistd.h> + #include <sys/syscall.h> + #include <linux/openat2.h> + #include <string.h> + + int main() { + struct open_how how; + + memset(&how, 0, sizeof(how)); + + how.flags = O_RDONLY; + how.mode = O_NONBLOCK; + how.resolve = RESOLVE_IN_ROOT + | RESOLVE_NO_SYMLINKS + | RESOLVE_NO_XDEV; + + int fd = syscall(SYS_openat2, AT_FDCWD, \".\", + &how, sizeof(how)); + if (fd == -1) + return 1; + + return 0; + }" +. auto/feature |