tech-kern archive


Re: fexecve, round 2



On Mon, Nov 19, 2012 at 05:23:07AM +0000, David Holland wrote:
> Also, it obviously needs to be possible to open files O_RDONLY|O_EXEC
> for O_EXEC to be useful, and open directories O_RDONLY|O_SEARCH, and
> so forth. I don't know what POSIX may have been thinking when they
> tried to forbid this but forbidding it makes about as much sense as
> forbidding O_RDWR, maybe less.

It seems consistent with the check at system call time that you proposed 
to forbid. Here is how I understand it for an openat/mkdirat sequence:
- openat() without O_SEARCH, get a search check at mkdirat() time
- openat() with O_SEARCH, mkdirat() performs no search check.

and for openat/fexecve:
- openat() without O_EXEC, get an execute check at fexecve() time
- openat() with O_EXEC, fexecve() performs no exec check.

If you have r-x permission, you open with O_RDONLY and you do not need
O_SEARCH/O_EXEC. 

If you have --x permission, you open with O_SEARCH/O_EXEC.

-- 
Emmanuel Dreyfus
manu%netbsd.org@localhost
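
The check placement described in the message above, as a small C model added here; it is not part of the e-mail and not NetBSD code. The flag and permission values and the names `model_open` and `model_use` are constructed for illustration, and the model also covers a consequence the message implies: removing the execute bit after the open only affects the descriptor opened without O_EXEC.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model values, not the real <fcntl.h> or <sys/stat.h> constants. */
enum { M_RDONLY = 1, M_XONLY = 2 };   /* M_XONLY stands for O_EXEC / O_SEARCH */
enum { P_R = 4, P_X = 1 };            /* caller's read and execute/search bits */

struct model_fd {
    bool valid;        /* false models open() failing with EACCES */
    bool x_granted;    /* execute/search was checked and granted at open time */
    const int *perm;   /* live permissions of the object, may change later */
};

/* open()/openat(): every requested access mode is checked now. */
struct model_fd model_open(const int *perm, int flags)
{
    struct model_fd fd = { false, false, perm };
    if ((flags & M_RDONLY) && !(*perm & P_R))
        return fd;
    if ((flags & M_XONLY) && !(*perm & P_X))
        return fd;
    fd.valid = true;
    fd.x_granted = (flags & M_XONLY) != 0;
    return fd;
}

/* fexecve()/mkdirat(): check execute/search now unless open already did. */
bool model_use(struct model_fd fd)
{
    if (!fd.valid)
        return false;
    return fd.x_granted || (*fd.perm & P_X) != 0;
}

int main(void)
{
    int perm = P_R | P_X;                       /* r-x */
    struct model_fd plain = model_open(&perm, M_RDONLY);
    struct model_fd xonly = model_open(&perm, M_XONLY);
    perm = P_R;                                 /* execute bit removed after open */
    printf("O_RDONLY fd: %d, O_EXEC fd: %d\n", model_use(plain), model_use(xonly));
    return 0;
}
```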

