tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: O_NOACCESS?



On Sat, Feb 11, 2012 at 07:12:32PM -0500, Mouse wrote:
>

> > (Note that while there may be no use for #2 in userlevel code, unless
> > perhaps if we add an fexecve() call, having it would be convenient in
> > the kernel.)
> 
> fexecve() makes a lot of sense too.  So would an flink(), and indeed f*
> versions of any other call which uses a path just to name an object
> rather than as a relevant part of the syscall.

We'd want to be a bit careful about adding these as there are
permission checks that are implied by specifying a path which you
do not get with the f* calls mentioned.  Normally, these are not
going to be terribly different but in the case of suid programs or
chroot'ed programs, we'd want to analyse how we might change the
security model.

--
    Roland Dowdeswell                      http://Imrryr.ORG/~elric/


Home | Main Index | Thread Index | Old Index