tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: more fexecve questions



In article <20190910195235.GP720%irregular-apocalypse.k.bsd.de@localhost>,
Christoph Badura  <bad%bsd.de@localhost> wrote:
>On Tue, Sep 10, 2019 at 09:45:50PM +0200, Christoph Badura wrote:
>> This is to catch the following case(s): The file might have the
>> following permissions "--x--x--x" (or equivalent where the open()ing
>> process doesn't have read or write permission).  Since you can open such
>                                                             ^can't open such
>> a file for reading or writing (except as root) you need an additional
>> flag to open() to obtain a file descriptor that can be passed to
>> fexecve().  That's what O_EXEC is for.  Whether the receiving process
>> can successfully fexecve(2) such a file descriptor is another matter.
>> That's what the "execute permission is checked by fexecve()" specifies.

The implementation I posted requires O_EXEC because this is the only way
to set FEXEC which is part of the check_exec() tests. Of course we can
elide this test and not require it in the fd case. It just seems nicely
symmetric to me the way it is now.

christos



Home | Main Index | Thread Index | Old Index