Hey Philippe,

> I implemented a new sanitizer to detect arbitrary file open.

I think it's an interesting idea. Among other things it seems it can
be used to detect path traversal attacks.
I'm not sure how exactly it works at this point, but if, apart from
keeping track of the "open" syscall (and its variations),
it could detect attempts to write data to random files, it would be great.

> I would like to know what you think about this. Is this a bug to you? Or is
> it expected?
> Could this be exploited somehow by an attacker to get secrets such as
> ~/.ssh/id_rsa?

I don't think it can be exploited to expose stuff that shouldn't be exposed.

Thanks,
Evgeny Vereshchagin
