tech-kern archive


Re: fexecve



In article <20190908180303.GA6168%panix.com@localhost>,
Thor Lancelot Simon  <tls%panix.com@localhost> wrote:
>On Sun, Sep 08, 2019 at 01:23:46PM -0400, Christos Zoulas wrote:
>> 
>> Here's a simple fexecve(2) implementation. Comments?
>
>I think this is dangerous in systems which use chroot into filesystems
>mounted noexec (or nosuid) and file-descriptor passing into the constrained
>environment to feed data.  Now new executables (and even setuid ones) can
>be fed in, too.
>
>What can we do about that?

- We can completely disallow fexecve in chrooted environments.

or

- We can check the permissions of the mountpoint of the current working
  directory in addition to checking the mountpoint of the executable's
  vnode.

christos
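
The second option above, modelled in user space as an added example (not part of the original message and not the NetBSD kernel change): the mount flags of the descriptor's filesystem and of the current working directory's filesystem are combined, and the stricter one wins. The `fx_*` names are hypothetical, and treating `nosuid` on either mount as "run, but ignore set-id bits" is an assumption of this sketch.

```c
#define _GNU_SOURCE            /* glibc exposes ST_NOEXEC only with this */
#include <fcntl.h>
#include <stdio.h>
#include <sys/statvfs.h>
#include <unistd.h>

/* Hypothetical verdicts for this sketch; these are not kernel names. */
enum fx_verdict { FX_ALLOW, FX_ALLOW_NO_SETID, FX_DENY };

/* Combine the mount flags of the executable's filesystem with those of
 * the caller's cwd filesystem: a restriction on either applies to both. */
enum fx_verdict fx_decide(unsigned long exec_flags, unsigned long cwd_flags)
{
    unsigned long both = exec_flags | cwd_flags;
#ifdef ST_NOEXEC               /* extension; absent means noexec is undetectable here */
    if (both & ST_NOEXEC)
        return FX_DENY;
#endif
    if (both & ST_NOSUID)
        return FX_ALLOW_NO_SETID;
    return FX_ALLOW;
}

/* Look up both mounts for an already-open descriptor. Fails closed:
 * if either lookup fails, the verdict is deny. */
enum fx_verdict fx_check_fd(int fd)
{
    struct statvfs exe, cwd;

    if (fstatvfs(fd, &exe) != 0 || statvfs(".", &cwd) != 0)
        return FX_DENY;
    return fx_decide(exe.f_flag, cwd.f_flag);
}

int main(int argc, char **argv)
{
    static const char *names[] = { "allow", "allow, ignore set-id bits", "deny" };
    const char *path = argc > 1 ? argv[1] : "/bin/sh";   /* sample default */
    int fd = open(path, O_RDONLY);

    if (fd < 0) { perror(path); return 1; }
    printf("%s: %s\n", path, names[fx_check_fd(fd)]);
    close(fd);
    return 0;
}
```

Run from a directory on a `noexec` mount, the verdict for a descriptor opened elsewhere becomes deny, which is the case the passed-in descriptor concern is about.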


