Subject: Re: PROT_EXEC mappings of vnodes -> VTEXT
To: None <firstname.lastname@example.org>
From: Jason R Thorpe <email@example.com>
Date: 10/30/2001 09:25:02
On Tue, Oct 30, 2001 at 08:06:22AM -0800, firstname.lastname@example.org wrote:
> email@example.com ("Jason R Thorpe") writes:
> > But even what you're suggesting wouldn't be "the right way". Add +x to
> > libc.so and then do "./libc.so". This isn't really what you want, either.
> Arguably that's a deficiency in sys_execve() then.
> But in any case, it's a _whole_ lot better than allowing a malicious
> user to cause any readable file to become unwritable (or, i guess, not
> open()able for write, right?).
Yes, but this problem is currently avoided with the VEXECMAP flag.
-- Jason R. Thorpe <firstname.lastname@example.org>