From: "jeremyevans0 (Jeremy Evans) via ruby-core" Date: 2023-01-20T16:58:17+00:00 Subject: [ruby-core:111940] [Ruby master Feature#19347] Add Dir.fchdir Issue #19347 has been updated by jeremyevans0 (Jeremy Evans). ko1 (Koichi Sasada) wrote in #note-3: > At the dev meeting there are 4 ideas: I considered the first three ideas when implementing this support. Let me add my comments on each. > * 4 ideas > * `Dir.fchdir(int)` > * Proposed > * Consistent to the POSIX API > * Can be extended for `Dir.fchdir(dir)` and `Dir.fchdir(io)` The reason I used this approach is that this feature is likely to be rarely used, and not all platforms support it. I'm OK with adding support for `Dir.fchdir(dir)`, but prefer the `Dir#chdir` approach mentioned below. > * `Dir.chdir(int)` > * Do not need to add new method > * `Dir.chdir` partially implemented on Windows because fchdir is not supported by Windows. `respond_to?` is not usable to test the availability. > * Can be extended for `Dir.fchdir(dir)` and `Dir.fchdir(io)` I considered this option, but I think it's more likely that Ruby programmers would accidentally call `Dir.chdir` with an integer argument by accident than deliberately for passing a directory file descriptor, and then they would receive either a confusing error message, or in unfortunate cases, an unintended directory change. > * `dir = Dir.for_fd(int); dir.chdir` > * More object oriented? > * 2 more methods (`Dir.for_fd(int)` and `Dir#chdir`) are needed I considered this option, but it requires an additional and potentially unnecessary `Dir` allocation. I think it would be useful to add `Dir.for_fd` (the equivalent of the C function `fdopendir`). However, I didn't have an immediate need for it, so I didn't want to include it in this feature request. I also like the idea of `Dir#chdir`, which could use `Dir.fchdir` (if directory file descriptors are supported) or `Dir.chdir` (otherwise). I recommend supporting both `Dir.for_fd` and `Dir#chdir`, but as separate features after `Dir.fchdir` is merged. I volunteer to implement `Dir.for_fd` and/or `Dir#chdir` if either/both are approved. > * `Dir.for_fd(io.fileno).chdir` needs two objects (IO and Dir) references one FD. It would have a problem with GC. `closedir` frees DIR structure and closes FD. Thus, we cannot implement `autoclose: false` for `Dir.for_fd`. > * Dir.for_fd(io.fileno, autoclose: false) > * use dup(io.fileno) and close that, leave the original one alone? > * `IO#fchdir` I'm against `IO#fchdir` as almost no `IO` objects are for directories. I don't think we should offer any direct support for `IO` objects representing directories. ---------------------------------------- Feature #19347: Add Dir.fchdir https://bugs.ruby-lang.org/issues/19347#change-101370 * Author: jeremyevans0 (Jeremy Evans) * Status: Open * Priority: Normal ---------------------------------------- Recently, I was working on a program that passes file descriptors over UNIX sockets (using `send_io`/`recv_io`). For file/socket/device descriptors, this works fine using `File#reopen`. However, I found that while Ruby supports `Dir#fileno` to return a directory file descriptor, it cannot use that file descriptor when changing directories. I worked around this in my program by writing the directory path over the UNIX socket, but this results in a TOCTOU vulnerability in certain cases. Passing the directory file descriptor would be simpler and avoid the vulnerability. I've submitted a pull request to implement this method: https://github.com/ruby/ruby/pull/7135 -- https://bugs.ruby-lang.org/ ______________________________________________ ruby-core mailing list -- ruby-core@ml.ruby-lang.org To unsubscribe send an email to ruby-core-leave@ml.ruby-lang.org ruby-core info -- https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/