Re: [patch] honour MNT_NOEXEC for access()

On Sat, 2006-10-07 at 23:14 +0400, Stas Sergeev wrote:
> Hello.
> 
> Ulrich Drepper wrote:
> >> Now, as the access(X_OK) is fixed, would it be
> >> feasible for ld.so to start using it?
> > Just must be kidding.  No access control can be reliably implemented at
> > userlevel.  There is no point starting something as stupid as this.
> But in this case how can you ever solve the
> problem of ld.so executing the binaries for which
> the user does not have an exec permission?
> Yes, the userspace apps usually should not enforce
> the kernel's access control,

correct

>  but ld.so seems to be
> the special case - it is a kernel helper after all,

in what way is ld.so special in ANY way?

-- 
if you want to mail me at work (you don't), use arjan (at) linux.intel.com

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: [patch] honour MNT_NOEXEC for access()
  - From: Stas Sergeev <[email protected]>

References:
- Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
  - From: Arjan van de Ven <[email protected]>
- Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
  - From: Stas Sergeev <[email protected]>
- Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
  - From: Arjan van de Ven <[email protected]>
- Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
  - From: Stas Sergeev <[email protected]>
- Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
  - From: Arjan van de Ven <[email protected]>
- Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
  - From: Stas Sergeev <[email protected]>
- Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
  - From: Jakub Jelinek <[email protected]>
- Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
  - From: Stas Sergeev <[email protected]>
- [patch] honour MNT_NOEXEC for access()
  - From: Stas Sergeev <[email protected]>
- Re: [patch] honour MNT_NOEXEC for access()
  - From: Alan Cox <[email protected]>
- Re: [patch] honour MNT_NOEXEC for access()
  - From: Ulrich Drepper <[email protected]>
- Re: [patch] honour MNT_NOEXEC for access()
  - From: Stas Sergeev <[email protected]>
- Re: [patch] honour MNT_NOEXEC for access()
  - From: Ulrich Drepper <[email protected]>
- Re: [patch] honour MNT_NOEXEC for access()
  - From: Stas Sergeev <[email protected]>

Prev by Date: [PATCH] um: setup irq regs in do_IRQ
Next by Date: Re: [linux-usb-devel] error to be returned while suspended
Previous by thread: Re: [patch] honour MNT_NOEXEC for access()
Next by thread: Re: [patch] honour MNT_NOEXEC for access()
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]