On Tue, Oct 30, 2001 at 10:06:57AM -0500, Thor Lancelot Simon wrote:
> On Mon, Oct 29, 2001 at 09:53:05PM -0800, Chuck Silvers wrote:
> > hi,
> > 
> > cool, I'm glad that this improves the situation so much.
> > 
> > but I really don't think we should allow unpriviledged users
> > to cause any file they can read to become read-only just by
> > mapping it with PROT_EXEC.  the VTEXT flag was originally used
> > just for the read-only part, I was overloading it when I used it
> > for affecting paging behaviour.
> 
> I would like to point out that were my suggestion of only allowing
> mappings of files *with execute permission* to be set PROT_EXEC
> implemented, this problem (user can make file read-only by mapping
> it PROT_EXEC) would not exist.

Tangential issue; PROT_EXEC shouldn't be permitted for vnodes on
file systems mounted no-exec. Or is this already the case?