fs_mkdirs: use O_NOFOLLOW and O_CLOEXEC Don't follow symlinks. Suggestion from Jann Horn. Also, add O_CLOEXEC. This prevents file descriptor leakage should this code ever run in a multithreaded environment. I'm not sure if either of these changes actually address any security concerns, but it's harmless, so go ahead and add it. Bug: 15675141 Change-Id: I7ba4e9d10439b7150f59759b54e3ad8ccba411e3

commit: 30a86ebc7a0f5a2e0fc698f432ee626cd96525b8 [log] [tgz]
author: Nick Kralevich <nnk@google.com> Mon Jun 16 15:32:49 2014 -0700
committer: Nick Kralevich <nnk@google.com> Mon Jun 16 15:40:40 2014 -0700
tree: 1a6b1e66329c38a4a4986ea45d131cf2c59243e2
parent: e5fdfcdcb462195b1a91d5408c0ac738a0a55888 [diff]
diff --git a/libcutils/fs.c b/libcutils/fs.c
index 286a8eb..45c7add 100644
--- a/libcutils/fs.c
+++ b/libcutils/fs.c

@@ -212,7 +212,7 @@
 
             /* Yay, segment is ready for us to step into */
             int next_fd;
-            if ((next_fd = openat(fd, segment, 0)) == -1) {
+            if ((next_fd = openat(fd, segment, O_NOFOLLOW | O_CLOEXEC)) == -1) {
                 ALOGE("Failed to openat(%s): %s", buf, strerror(errno));
                 res = -errno;
                 goto done_close;
commit	30a86ebc7a0f5a2e0fc698f432ee626cd96525b8	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Mon Jun 16 15:32:49 2014 -0700
committer	Nick Kralevich <nnk@google.com>	Mon Jun 16 15:40:40 2014 -0700
tree	1a6b1e66329c38a4a4986ea45d131cf2c59243e2
parent	e5fdfcdcb462195b1a91d5408c0ac738a0a55888 [diff]