Linux seven point two adds flag to prevent deception with special files

Published on May 21, 2026 | Translated from Spanish

The next version of the Linux kernel, 7.2, will include the OPENAT2_REGULAR flag for the openat2 system call. This feature allows programs to ensure they only open regular files, preventing them from being redirected to special devices like /dev/null or FIFOs, which can cause unexpected blocking behavior and security vulnerabilities.

Linux kernel compilation process, programmer terminal showing openat2 syscall with OPENAT2_REGULAR flag highlighted in green code, symbolic chain representing file redirection being broken by a shield icon, malicious FIFO pipe and /dev/null device nodes shown as blocked pathways with red X marks, regular file icon with checkmark glowing, technical illustration style, dark terminal background with matrix-like code rain, dramatic blue and orange lighting, ultra-detailed circuit board traces in background, photorealistic engineering visualization

How OPENAT2_REGULAR works in the kernel 🛡️

The OPENAT2_REGULAR flag acts as a filter in the openat2 call. When activated, the kernel verifies that the target file is a regular file (S_IFREG) before allowing the open. If the file is a block device, a FIFO, or a socket, the operation fails with the error EISDIR or EPERM. This check occurs after resolving symbolic links, blocking attacks that use links to point to special devices. The implementation was requested by the UAPI group to protect applications that process user files.

Goodbye to scares with /dev/null and mischievous FIFOs 😅

Until now, a trusting program could open a file and find it was a FIFO that left it waiting for data forever, or worse, a /dev/null that swallowed all its output without a word. With OPENAT2_REGULAR, those scares are over: if the file is not regular, the kernel says no and the developer saves hours of debugging. It's like putting a filter on the disk input so only real files get through, not carnival disguises.