Subject: Re: PROT_EXEC mappings of vnodes -> VTEXT
To: None <firstname.lastname@example.org>
From: Thor Lancelot Simon <email@example.com>
Date: 10/30/2001 11:13:17
On Tue, Oct 30, 2001 at 07:36:26AM -0800, Jason R Thorpe wrote:
> On Tue, Oct 30, 2001 at 10:28:24AM -0500, Thor Lancelot Simon wrote:
> > It seems to me there are three choices: let programs lose when their shared
> > libraries are switched out from under them, let users make arbitrary readable
> > files read-only, or enforce the "x" bit the right way.
> But even what you're suggesting wouldn't be "the right way". Add +x to
> libc.so and then do "./libc.so". This isn't really what you want, either.
| pla-muek# ls -l libc.so
| lrwxr-xr-x 1 root wheel 13 Oct 4 05:35 libc.so -> libc.so.12.79
| pla-muek# chmod 777 libc.so.12.79
| pla-muek# !.
| ./libc.so: Exec format error. Wrong Architecture.
I don't see how this is a particular problem. It's approximately what
happened under 4BSD if you tried to execute the kernel, which was usually
mode 755, for example. "Don't put /usr/lib in your search path if you're
so easily confused". Or, as Chris said, fix execve. Either way, it's a
lot better than letting arbitrary users make files unwritable.
Thor Lancelot Simon firstname.lastname@example.org
And now he couldn't remember when this passion had flown, leaving him so
foolish and bewildered and astray: can any man?