Subject: Re: mmap(), security and /dev/zero
To: Curt Sampson <cjs@cynic.net>
From: Daniel Carosone <dan@geek.com.au>
List: tech-kern
Date: 06/24/2004 11:11:47
--MfFXiAuoTsnnDAfZ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Jun 24, 2004 at 10:01:28AM +0900, Curt Sampson wrote:

> > No, it needs this change to work. Otherwise, potentially, a program
> > executed from a r/o filesystem might be somehow tricked into loading
> > shlibs from a writable path.
>=20
> I don't quite understand this. Ought not any page in core backed by a
> page on a noexec filesystem be marked non-executable, regardless of any
> other circumstances?

Hm. Perhaps it ought to be, yes.  That's not how I understand it works
currently, though.  Nice idea.

--
Dan.


--MfFXiAuoTsnnDAfZ
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)

iD8DBQFA2ipTEAVxvV4N66cRAsNAAJ46i1SvMEccq21lPS/EYmI9TE01kQCgpVRz
Wa/ByebrIv0rbYHf+C8lYBU=
=vNPK
-----END PGP SIGNATURE-----

--MfFXiAuoTsnnDAfZ--