Re: [patch] honour MNT_NOEXEC for access()
From: Jesper Juhl
Date: Sun Oct 08 2006 - 06:40:04 EST
On 08/10/06, Jeremy Fitzhardinge <jeremy@xxxxxxxx> wrote:
[snip]
Also, I guess there's the general question of what the noexec mount flag
really means? Does it mean "make the execve syscall fail", or does it
mean "no bits on this filesystem may be interpreted as instructions".
The former is simple to implement, but probably not very useful; the
latter is not possible to implement in general.
As I see it, what we can resonably do with 'noexec' is
- make execve() fail.
- make access(), faccessat() return EACCESS for files stored on
'noexec' filesystems.
- make mmap(...PROT_EXEC...) fail for files stored on 'noexec' filesystems.
For things like /dev/shm we can additionally let 'noexec' mean "don't
allow executable shared memory".
Since we can't really prevent things like perl/php/bash/tcl/whatever
scripts from being executed/interpreted from there with this
mechanism, let's not worry about that. Leave that for things like
SELinux to deal with.
I don't think we can do much more with 'noexec'.
--
Jesper Juhl <jesper.juhl@xxxxxxxxx>
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please http://www.expita.com/nomime.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/