Subject: Re: PROT_EXEC mappings of vnodes -> VTEXT
To: Thor Lancelot Simon <firstname.lastname@example.org>
From: Luke Mewburn <email@example.com>
Date: 10/31/2001 02:10:47
On Tue, Oct 30, 2001 at 10:06:57AM -0500, Thor Lancelot Simon wrote:
> On Mon, Oct 29, 2001 at 09:53:05PM -0800, Chuck Silvers wrote:
> > hi,
> > cool, I'm glad that this improves the situation so much.
> > but I really don't think we should allow unpriviledged users
> > to cause any file they can read to become read-only just by
> > mapping it with PROT_EXEC. the VTEXT flag was originally used
> > just for the read-only part, I was overloading it when I used it
> > for affecting paging behaviour.
> I would like to point out that were my suggestion of only allowing
> mappings of files *with execute permission* to be set PROT_EXEC
> implemented, this problem (user can make file read-only by mapping
> it PROT_EXEC) would not exist.
Tangential issue; PROT_EXEC shouldn't be permitted for vnodes on
file systems mounted no-exec. Or is this already the case?