• Story19

Add symlink-race-free connect() system call

Status: planning

Add a non-symlink-following variant of the connect() system call to Linux to fix PlashIssues/ConnectRaceCondition.

One approach is to add a new syscall that takes an additional flags argument, since the existing connect() syscall does not have a flags argument. New syscalls that take filenames should now also take a directory FD argument, so the new syscall would be fconnectat().

Ulrich Drepper's recent proposed patches have extended socket() and socketpair() without adding a flags argument. Instead, the role of the type argument has been extended so that it can contain SOCK_CLOEXEC and SOCK_NONBLOCK flags. This would be harder to do for connect(), because the socket type is inside a struct sockaddr.

See:

• PATCH: alternative^2 to sys_indirect: socket, socketpair (April 2008)

• PATCH 02/18: flag parameters: socket and socketpair (May 2008) (full patch series here)