Hi.
Jeremy Fitzhardinge wrote:
What if the currently-unused MAP_EXECUTABLE flag became a
way for the program to express that it needs an exec perm,
and so the mmap should fail if there is none? I think ld.so
will be happy using such a flag...
Yes, but it doesn't solve the fact that there isn't really anything
special about ld.so, so putting special checks into it doesn't really
But this is not the checks - just a flag, MAP_EXECUTABLE, which
may mean that the exec perms are required.
Currently there is no way for the program to express that
explicitly (if only by the use of the mprotect call), so
why not to add one?
Also, I guess there's the general question of what the noexec mount flag
really means? Does it mean "make the execve syscall fail", or does it
mean "no bits on this filesystem may be interpreted as instructions".
Since PROT_EXEC doesn't require an exec perm on file, I don't
see why "noexec" should be special.
The former is simple to implement, but probably not very useful; the
It can be usefull if you put it on all the user-writable
mounts of yours - then someone can't easily exec his exploit.
latter is not possible to implement in general.
At least without selinux - yes, so my question was why to
even add the hacks.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]