If your system supports the O_NOFOLLOW flag [1] to the open(2) system call, find uses it to safely change directories. The target directory is first opened, and find then changes its working directory with the fchdir() system call. This ensures that symbolic links are not followed, preventing the sort of race condition attack in which use is made of symbolic links.

If for any reason this approach does not work, find falls back on the method which is normally used if O_NOFOLLOW is not supported.
You can tell if your system supports O_NOFOLLOW by running

    find --version

This will tell you the version number and which features are enabled. For example, if I run this on my system now, this gives:

    GNU find version 4.2.18-CVS
    Features enabled: D_TYPE O_NOFOLLOW(enabled)
Here, you can see that I am running a version of find which was built from the development (CVS) code prior to the release of findutils-4.2.18, and that the D_TYPE and O_NOFOLLOW features are present. O_NOFOLLOW is qualified with “enabled”. This simply means that the current system seems to support O_NOFOLLOW. This check is needed because it is possible to build find on a system that defines O_NOFOLLOW and then run it on a system that ignores the O_NOFOLLOW flag. We try to detect such cases at startup by checking the operating system and version number; when this happens you will see “O_NOFOLLOW(disabled)” instead.
[1] GNU/Linux (kernel version 2.1.126 and later) and FreeBSD (3.0-CURRENT and later) support this flag.