Re: [PATCH] fexecve

To: Julian Yon <julian%yon.org.uk@localhost>
Subject: Re: [PATCH] fexecve
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Sun, 18 Nov 2012 14:31:29 -0500

On Sun, Nov 18, 2012 at 07:27:27PM +0000, Julian Yon wrote:
> On Sat, 17 Nov 2012 21:45:02 +0000
> David Laight <david%l8s.co.uk@localhost> wrote:
> 
> > On Fri, Nov 16, 2012 at 12:52:30PM +0000, Julian Yon wrote:
> > > 
> > > What does this gain over passing a filename around? (NB. I'm not
> > > claiming that's an entirely safe model either, but it's already
> > > possible).
> > 
> > You don't need the executable image inside the chroot.
> 
> I don't believe that's intended to be possible, and if it is, I'm not
> sure it's a gain.

I actually think it might be, if it didn't run the risk of blowing up
code that wasn't written to expect it.

If we're going to commit this syscall at all, I think it should be
accompanied by a new socket option for unix domain sockets, which
defaults to "off", but if explicitly set to "on", allows file descriptors
passed across the socket to be used for exec.

Thor

Follow-Ups:
- Re: [PATCH] fexecve
  - From: Matt Thomas
- Re: [PATCH] fexecve
  - From: Julian Yon

References:
- Re: [PATCH] fexecve
  - From: Thor Lancelot Simon
- Re: [PATCH] fexecve
  - From: Emmanuel Dreyfus
- Re: [PATCH] fexecve
  - From: Joerg Sonnenberger
- Re: [PATCH] fexecve
  - From: David Laight
- Re: [PATCH] fexecve
  - From: Julian Yon
- Re: [PATCH] fexecve
  - From: David Laight
- Re: [PATCH] fexecve
  - From: Julian Yon

Prev by Date: Re: Can't load solaris and zfs module in Xen DomU
Next by Date: Re: fexecve, round 2
Previous by Thread: Re: [PATCH] fexecve
Next by Thread: Re: [PATCH] fexecve
Indexes:

Home | Main Index | Thread Index | Old Index