Subject: Re: mmap(), security and /dev/zero
To: Matt Thomas <matt@3am-software.com>
From: David Laight <david@l8s.co.uk>
List: tech-security
Date: 06/24/2004 21:27:48
On Thu, Jun 24, 2004 at 10:00:14AM -0700, Matt Thomas wrote:
> On Jun 24, 2004, at 1:58 AM, Alan Barrett wrote:
> >How does the following compromise sound?
> >
> > shlibs must be in files that have "r" permission.
> > shlibs must be on file systems that honour "x" permission
> > (that is, were not mounted with the noexec option).
>
> Now that we have noexec permissions on pages (for some architectures),
> make the mapping of vnode backed pages with PROT_EXEC only be allowed
> on filesystems that were not mounted with noexec. Otherwise,
> mmap/uvm_map/mprotect will return EPERM for the mapping operation.
What do we do about code that optimises certain loops by generating
assembler on the fly - as might well be done for graphics bit-blitzing?
David
--
David Laight: david@l8s.co.uk