tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: core statement on fexecve, O_EXEC, and O_SEARCH

On Wed, Dec 05, 2012 at 04:03:40PM -0500, Mouse wrote:
 > >>   * whether the name in question is within the process' current
 > >>     root (forbidding fchdir and fchroot otherwise).
 > > Definitely.
 > I'm actually not convinced this is so obviously a good thing.
 > I see an analogy between root directories and UIDs.  We have chroot(),
 > and we have setuid() - but we also have setreuid().  I can see
 > potential use for chroot-hopping between multiple directories.
 > I'm not sure NetBSD should support that.  But I'm not sure it should
 > forbid it, either.  I'm not sure how I'd design an interface for it,
 > but it might be worth thinking about when implementing whatever NetBSD
 > eventually decides on.

Well, let me refine what I said: this should be part of the
permissions scheme for capability passing.

David A. Holland

Home | Main Index | Thread Index | Old Index