tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [PATCH] fexecve

On Sun, 18 Nov 2012 14:08:05 -0800
Matt Thomas <> wrote:

> Given that, you can't open a file for read & exec, just either read
> or just exec.  So how would verification work again?  Seems to me you
> need a fcntl that would allow you to change the access mode of the
> file descriptor.

Incredibly, the spec defines the illogical behaviour: “Since execute
permission is checked by fexecve(), the file description fd need not
have been opened with the O_EXEC flag. However, if the file to be
executed denies read and write permission for the process preparing to
do the exec, the only way to provide the fd to fexecve() will be to use
the O_EXEC flag when opening fd. In this case, the application will not
be able to perform a checksum test since it will not be able to read
the contents of the file.”

i.e. If you want to read and exec, you open with O_RDONLY. If you don't
have read rights you can open with O_EXEC instead, and you can't read
the file you just opened; it merely provides a mechanism to pointlessly
use fexecve.


3072D/F3A66B3A Julian Yon (2012 General Use) <>

Attachment: signature.asc
Description: PGP signature

Home | Main Index | Thread Index | Old Index