@@ -51,7 +51,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
5151 ` runtime.LockOSThread ` -- ` ProcThreadSelfCloser ` is currently equivalent
5252 to ` runtime.UnlockOSThread ` ).
5353
54- Note that you cannot open any ` procfs ` symlinks (most notably magiclinks )
54+ Note that you cannot open any ` procfs ` symlinks (most notably magic-links )
5555 using this API. At the moment, filepath-securejoin does not support this
5656 feature (but [ libpathrs] [ ] does).
5757
@@ -92,11 +92,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
9292 is now being exported it seems unwise to advertise the API as "safe" if we do
9393 not protect against known attacks.
9494
95- The procfs API will now be more protected against attackers on systems
96- lacking the aforementioned protections. However, the most comprehensive of
97- these protections effectively rely on [ ` statx(STATX_MNT_ID) ` ] [ statx.2 ] (Linux
98- 5.8). On older kernel versions, there is no effective protection (there is
99- some minimal protection against non-` procfs ` filesystem components but a
95+ The procfs API is now more protected against attackers on systems lacking the
96+ aforementioned protections. However, the most comprehensive of these
97+ protections effectively rely on [ ` statx(STATX_MNT_ID) ` ] [ statx.2 ] (Linux 5.8).
98+ On older kernel versions, there is no effective protection (there is some
99+ minimal protection against non-` procfs ` filesystem components but a
100100 sufficiently clever attacker can work around those). In addition,
101101 ` STATX_MNT_ID ` is vulnerable to mount ID reuse attacks by sufficiently
102102 motivated and privileged attackers -- this problem is mitigated with
0 commit comments