Re: fexecve, round 3

To: Christos Zoulas <christos%astron.com@localhost>
Subject: Re: fexecve, round 3
From: David Laight <david%l8s.co.uk@localhost>
Date: Sun, 25 Nov 2012 23:47:14 +0000

On Sun, Nov 25, 2012 at 07:54:59PM +0000, Christos Zoulas wrote:
> >
> >> Does everyone agrees on this interpretation? If we do, next steps are
> >> - describe threats this introduce to chrooted processes

Given a chrooted process would need a helping process outside the
chroot (to pass it the fd), why is allowing the chrooted proccess to
exec something any different from it arranging to get the helper
to do it?

I think it can only matter if the uid of the chroot is root.
Even then you could (probably) do nothing you couldn;t do by
mmaping some anon space with exec permissions and writing code to it.

FWIW IIRC the standard says that O_EXEC can't be applied with O_READONLY
(Or O_RDWR) but does it say that you can't read from a file opened O_EXEC ?

        David

-- 
David Laight: david%l8s.co.uk@localhost

Follow-Ups:
- Re: fexecve, round 3
  - From: Emmanuel Dreyfus
- Re: fexecve, round 3
  - From: Roland C. Dowdeswell

References:
- fexecve, round 3
  - From: Emmanuel Dreyfus
- Re: fexecve, round 3
  - From: Thor Lancelot Simon
- Re: fexecve, round 3
  - From: Christos Zoulas

Prev by Date: core statement on fexecve, O_EXEC, and O_SEARCH
Next by Date: Re: fexecve, round 3
Previous by Thread: Re: fexecve, round 3
Next by Thread: Re: fexecve, round 3
Indexes:

Home | Main Index | Thread Index | Old Index