Re: [patch] honour MNT_NOEXEC for access()

Hello.

Arjan van de Ven wrote:

But when invoked manually.. there is even LESS special about it... it
could be ANY file on the system. And it's no different from any other
file in /bin, /usr/bin etc etc

I agree with that completely, but it was not me
who started adding the ld.so-specific tricks to
the kernel, making it special.
The assumptions of the current mmap check are:
1. The program does mmap with PROT_EXEC, not mmap/mprotect
(it was explicitly pointed out that this is unlikely to change).
2. The program does the file-backed mmap, not the anon
mmap then read.
That suits ld.so very well because it happened to work that
way, but it is not very usefull for pretty much anything else
(unless someone can show the real-life examples).
So this is what makes ld.so special. Right now it checks
exec/noexec by trying mmap(PROT_EXEC) and see if that fails.
But there can be other ways to check that, including the ones
that will not break the other progs/configurations.
And I don't see any harm in having a way for the program
to explicitly say whether it wants an exec perm or not.
(access() suits exactly for that, but it is racey)

Otherwise, please tell me, how can you solve the problem
of ld.so started directly, can execute the files you do
not have an exec permission for?

denying PROT_EXEC of non-"x" files does (somewhat).

But you can't do that - lets be realistic. Also I wonder
whether it will violate the posix specs or not.

It's never fool
proof obviously, as long as you need to allow jits.

Certainly.

Then ld.so can just use that to solve all those permission
problems.

this is just entirely a wrong assumption; one based on the assumption
that ld.so is something special, that it isn't.

Yes, that assumption is wrong, but it was not me who
invented it. I only want to move the ld.so-specific
stuff to ld.so itself, nothing more.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
    • From: Arjan van de Ven <[email protected]>
  • Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
    • From: Stas Sergeev <[email protected]>
  • Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
    • From: Arjan van de Ven <[email protected]>
  • Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
    • From: Stas Sergeev <[email protected]>
  • Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
    • From: Arjan van de Ven <[email protected]>
  • Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
    • From: Stas Sergeev <[email protected]>
  • Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
    • From: Jakub Jelinek <[email protected]>
  • Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
    • From: Stas Sergeev <[email protected]>
  • [patch] honour MNT_NOEXEC for access()
    • From: Stas Sergeev <[email protected]>
  • Re: [patch] honour MNT_NOEXEC for access()
    • From: Alan Cox <[email protected]>
  • Re: [patch] honour MNT_NOEXEC for access()
    • From: Ulrich Drepper <[email protected]>
  • Re: [patch] honour MNT_NOEXEC for access()
    • From: Stas Sergeev <[email protected]>
  • Re: [patch] honour MNT_NOEXEC for access()
    • From: Ulrich Drepper <[email protected]>
  • Re: [patch] honour MNT_NOEXEC for access()
    • From: Stas Sergeev <[email protected]>
  • Re: [patch] honour MNT_NOEXEC for access()
    • From: Arjan van de Ven <[email protected]>
  • Re: [patch] honour MNT_NOEXEC for access()
    • From: Stas Sergeev <[email protected]>
  • Re: [patch] honour MNT_NOEXEC for access()
    • From: Arjan van de Ven <[email protected]>

• Prev by Date: [PATCH 3/4] alpha pt_regs cleanups: machine_check()
• Next by Date: [PATCH 4/4] alpha pt_regs cleanups: collapse set_irq_regs() in titan_dispatch_irqs()
• Previous by thread: Re: [patch] honour MNT_NOEXEC for access()
• Next by thread: Re: [patch] honour MNT_NOEXEC for access()
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]