Subject: Re: chroot jail for ftpd
To: Perry E. Metzger <>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: tech-kern
Date: 10/17/2001 19:33:20
In message <>"Perry E. Metzger" writes

>So we tell people with giant large letters to  chmod +x /usr/lib/lib*so.*
>and be done with it. Better than leaving this go forever.

We can do /usr/lib/lib*.so* that when we build sets or do from-source upgrades.

Then there's /usr/X11R6/lib, and /usr/pkg/lib, and anything needed
under emulation mode, and any other third-party binaries....

Would checking for +x for shared libs at per-mounted-filesystem
granularity (either interpreting noexec to mean "dont allow executable
mappings either" , or via a new mount option) address Thor's specific
issue?  As an alternative transitional path?

Then again, I got bitten enough by code which did
read-but-not-executable mappings sufficiently often that I have little
faith in apps which open shared libs (via dl_*) acutally doing the
right thing.  The only platform I'd have confidence in apps correctly
requesting PROT_EXEC is on Pyramids, or other hardware where the MMU
distinguished data-fetches from I-fetches, and honoured PROT_EXEC