Subject: Re: static vs. dynamic runtime linking, esp. for citrus (was PAM and su -K)
To: Joerg Sonnenberger <joerg@britannica.bec.de>
From: Jason Thorpe <thorpej@shagadelic.org>
List: tech-userlevel
Date: 01/28/2005 08:54:21

On Jan 28, 2005, at 1:57 AM, Joerg Sonnenberger wrote:
> This argument is just ridiculous. Nothing prevents an application from
> using dlopen-like mmaps at all.

Exactly. And on some popular platforms (like i386), it's also very
difficult to prevent the execution of arbitrary mmap'd code. Even if
you mark a file system as "noexec", a program could still use read(2)
to read a file into an anon memory region that is then mprotect'd with
PROT_EXEC.

Now, if you want to talk about the security implications of shared
libraries (which, in this day and age, pretty much means "dynamic
loading"), let's use the case of a security fix being made available
for libc (or some other widely-used system library). Sure is a lot
easier to update one file than it is to re-link all of your binaries,
isn't it?

-- thorpej
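
The read(2)-then-mprotect path mentioned in the message can be checked on a given host with a small probe. This is an added example, not part of the original message: it reports whether the kernel permits the RW-to-executable transition on anonymous memory and never executes the bytes; the function name `probe_anon_exec`, the sample data, and the use of a pipe in place of a file are assumptions made for the illustration.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

enum { PROBE_ERROR = -1, PROBE_DENIED = 0, PROBE_ALLOWED = 1 };

/* Constructed sample data: inert text that is never executed. It stands
 * in for the contents of a file on a "noexec" file system. */
static const char sample[] = "inert sample bytes, not code";

/* Reports whether this host lets a process read bytes into anonymous
 * memory and then mark that memory PROT_EXEC. Nothing is executed. */
int probe_anon_exec(void)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    int fds[2], result = PROBE_ERROR;

    /* No file backs this mapping, so mount options are not consulted. */
    char *region = mmap(NULL, len, PROT_READ | PROT_WRITE,
                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED)
        return PROBE_ERROR;

    /* A pipe replaces the file so the probe needs no writable directory;
     * read(2) fills the region the same way in both cases. */
    if (pipe(fds) == 0) {
        if (write(fds[1], sample, sizeof sample) == (ssize_t)sizeof sample &&
            read(fds[0], region, len) == (ssize_t)sizeof sample &&
            memcmp(region, sample, sizeof sample) == 0) {
            /* The step under discussion: RW -> RX on the filled region.
             * A W^X policy such as PaX MPROTECT refuses this call. */
            result = mprotect(region, len, PROT_READ | PROT_EXEC) == 0
                         ? PROBE_ALLOWED : PROBE_DENIED;
        }
        close(fds[0]);
        close(fds[1]);
    }
    munmap(region, len);
    return result;
}

int main(void)
{
    int r = probe_anon_exec();
    printf("read(2) into anon memory, then PROT_EXEC: %s\n",
           r == PROBE_ALLOWED ? "allowed" : r == PROBE_DENIED ? "denied" : "error");
    return r == PROBE_ERROR;
}
```

A result of "allowed" means a noexec mount alone does not stop this path on the host; "denied" means a memory-protection policy is enforcing the restriction.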