Subject: Re: mmap(), security and /dev/zero
To: David Laight <firstname.lastname@example.org>
From: Matt Thomas <email@example.com>
Date: 06/24/2004 13:25:43
At 01:27 PM 6/24/2004, David Laight wrote:
>On Thu, Jun 24, 2004 at 10:00:14AM -0700, Matt Thomas wrote:
> > On Jun 24, 2004, at 1:58 AM, Alan Barrett wrote:
> > >How does the following compromise sound?
> > >
> > > shlibs must be in files that have "r" permission.
> > > shlibs must be on file systems that honour "x" permission
> > > (that is, were not mounted with the noexec option).
> > Now that we have noexec permissions on pages (for some architectures),
> > make the mapping of vnode backed pages with PROT_EXEC only be allowed
> > on filesystems that were not mounted with noexec. Otherwise,
> > mmap/uvm_map/mprotect will return EPERM for the mapping operation.
>What do we do about code that optimises certain loops by generating
>assembler on the fly - as might well be done for graphics bit-blitzing?
Those aren't contained in vnode-backed pages, so that isn't covered by
the above proposal.
Matt Thomas email: firstname.lastname@example.org
3am Software Foundry www: http://3am-software.com/bio/matt/
Cupertino, CA disclaimer: I avow all knowledge of this message.