Index: documentation/filesystem_access.txt |
diff --git a/documentation/filesystem_access.txt b/documentation/filesystem_access.txt |
index b7016de87c8c73dcaf0091c99b98bfb78d499a4b..0ea0ef198ef1edfebdd91594f3fe4744cb8e9a0f 100644 |
--- a/documentation/filesystem_access.txt |
+++ b/documentation/filesystem_access.txt |
@@ -16,7 +16,6 @@ be guaranteed by the caller: |
* The mounted directory is assumed to not include any symlinks. |
These constraints will be enforced by sel_ldr: |
- * Pathnames must be absolute. Relative pathnames are explicitly disallowed. |
* Pathnames may not include the substring "..". |
* Access to filesystem within sel_ldr will behave as if as if the mounted |
directory is root. |
@@ -68,11 +67,10 @@ Given that strategy, the following syscall changes were straightforward: |
### Path sanitization |
-Path sanitization happens through a three stage process: |
+Requires that the cwd is within the mounted directory (set at initialization). |
Mark Seaborn
2016/02/24 21:19:19
Make this "Path sanitization checks that..." so th
Sean Klein
2016/02/24 23:40:43
Done.
|
-1) Ensure the user's path is absolute. |
-2) Prefix the path to the mounted directory. |
-3) Ensure that the path does not contain "..". |
+If the user's path is absolute, prefix the path to the mounted directory. |
+Ensure that the path does not contain "..". |
### Symlinks |