Hello.
David Wagner wrote:
/That's obviously possible, but I'd feel safer having/
/"noexec" on *every* user-writable partition./
But why would you "feel" safer? And why should the Linux kernel care
about how people "feel"?
I am more wondering why should I answer this,
esp. since you do not even care to CC me.
What threat, exactly, are you trying to
defend against? What's your threat model?
Am I supposed to explain why I want to prevent an
attacker from executing the exploit he happened to
copy to one of the user-writable mounts of mine?
so you say it is not a library and not a binary. So what is it that you
are maping in as executable, and why do you think it is reasonable to
ask the Linux kernel to allow you to execute it, if it lives on a noexec
partition?
Quick answer is: because not having the exec permission
(chmod -x file) doesn't prevent you from mapping that
file "noexec", and that's correct, not bug. The more
detailed discussion have already happened, and I'd like
to leave MAP_SHARED aside for a time.
Please tell me how your logic applies to MAP_PRIVATE instead,
because right now MAP_PRIVATE is affected the same way the
MAP_SHARED is.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
