--W/nzBZO5zC0uMSeA
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Jun 24, 2004 at 09:51:46AM +0900, Curt Sampson wrote:
>=20
> Doesn't the noexec flag allow you to do this already?
>=20

No, it needs this change to work. Otherwise, potentially, a program
executed from a r/o filesystem might be somehow tricked into loading
shlibs from a writable path.

If the shlib needed x bits in order to be executed, and the filesystem
it was on was noexec, then the potential hole is closed.

Count me amongst the group that like this change, btw.

--
Dan.

--W/nzBZO5zC0uMSeA
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)

iD8DBQFA2icAEAVxvV4N66cRAsr3AKDUahNhNHqYF7qdZvXhfmAvfjKWXACg4a4k
LS1v45PtAFKI69yPL65tlkY=
=bw8s
-----END PGP SIGNATURE-----

--W/nzBZO5zC0uMSeA--