tech-kern archive


Re: fexecve, round 2



On Sun, Nov 18, 2012 at 06:16:00PM +0000, David Holland wrote:
 >  > This appears to contradict either the description of O_EXEC in the
 >  > standard, or the standard's rationale for adding fexecve().  The
 >  > standard says O_EXEC causes the file to be open for execution "only".
 >  > 
 >  > In other words, O_EXEC means you can't read nor write the file.  Now
 >  > the rationale for fexecve() doesn't hold, since you cannot read from
 >  > the fd, then exec from it without a reopen.
 >  > 
 >  > Further, requiring O_EXEC would seem to directly contravene the
 >  > standard's language about fexecve()'s behavior.
 > 
 > The standard is clearly wrong on a number of points and doesn't match
 > the historical design and behavior of Unix. Let's either implement
 > something correct, or not implement it at all.

Also it seems that the specification of O_SEARCH (and I think the
implementation we just got, too) is flawed in the same way - it is
performing access checks at use time instead of at open time.

(Also the implementation we just got seems to be missing any access
check at open time -- this seems entirely wrong.)

-- 
David A. Holland
dholland%netbsd.org@localhost
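
Added example, not part of the original message or of the NetBSD sources: the open-time access check model the message argues for, shown with plain O_RDONLY because O_SEARCH and O_EXEC are not defined on every system. The scratch path and the function name `read_after_chmod` are assumptions made for this illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/*
 * Open a file, revoke every permission bit, then use the descriptor.
 * Returns the number of bytes read through the old descriptor, or -1
 * if setup failed. *reopened is set to 1 if a fresh open() still
 * succeeds (expected only for a privileged caller), 0 otherwise.
 */
int read_after_chmod(int *reopened)
{
    char path[] = "/tmp/opentime-XXXXXX";   /* constructed scratch file */
    char buf[16];
    int wfd, fd, fd2, n = -1;

    if ((wfd = mkstemp(path)) < 0)
        return -1;
    if (write(wfd, "payload", 7) != 7) {
        close(wfd);
        unlink(path);
        return -1;
    }
    close(wfd);

    fd = open(path, O_RDONLY);              /* access is checked here */
    if (fd >= 0 && chmod(path, 0) == 0) {   /* then revoke all access */
        n = (int)read(fd, buf, sizeof buf); /* use time: no re-check  */
        fd2 = open(path, O_RDONLY);         /* new open: checked again */
        *reopened = (fd2 >= 0);
        if (fd2 >= 0)
            close(fd2);
    }
    if (fd >= 0)
        close(fd);
    unlink(path);
    return n;
}

int main(void)
{
    int reopened = 0;
    int n = read_after_chmod(&reopened);

    printf("read via old fd: %d bytes, fresh open %s\n",
           n, reopened ? "succeeded" : "failed");
    return n == 7 ? 0 : 1;
}
```

The descriptor keeps the access granted when it was opened, while a later open() of the same path is evaluated against the current mode bits.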

