Hi Paul,

First of all thanks for the exceptionally quick response & fix. The mode of
the file system isn't so much a security feature but a reflection of its
functionality: As you drop files into a particular area, they are moved
somewhere else under the hood by the fuse. But given what you are saying
about expecting issues like this with more tools, I may actually make
directories readable to avoid issues.

You did get my name ever so slightly wrong in the patch, but if that's
already committed, then don't bother with it.

Cheers,
Seb

On 23 September 2015 at 15:09, Paul Eggert <eggert@cs.ucla.edu> wrote:

> Sebastian Unger wrote:
>
>> Why is it trying to open the directory
>> in the first place?
>>
>
> Security.
>
> Apparently POSIX doesn't allow this level of paranoia for mkdir -p, so I
> removed it in the attached Gnulib patch, and this should appear in the next
> coreutils release.
>
> A filesystem that doesn't let you read your own directory that you just
> created is likely to run into other problems like this -- i.e., the
> practice may introduce more security problems than it closes.  But I
> digress.
>