Subject: Re: mmap(), security and /dev/zero
To: Thor Lancelot Simon <tls@rek.tjls.com>
From: David Laight <david@l8s.co.uk>
List: tech-security
Date: 06/23/2004 21:24:48
> "Not exactly".  I believe we decided to not require the x bit on files
> backing executable mappings, because this would be a painful user-visible
> change (every shared object on the system would require x added to its
> permissions).

Yes - If 'x' were required then the shell (etc) will try to execute them.....
Requiring 'x' basically gives little or no (obvious) benefits, and a lot
of problems.

Of course it might be useful to be able to 'write-lock' shared libraries
(so writes generate ETXTBSY).

	David

-- 
David Laight: david@l8s.co.uk