Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC

From: Mimi Zohar
Date: Thu Dec 13 2018 - 06:04:47 EST

Next message: Kyle Tso: "Re: [PATCH] usb: typec: tcpm: Extend the matching rules on PPS APDO selection"
Previous message: Vincent Guittot: "Re: [PATCH v2] sched/fair: fix 1 task per CPU"
In reply to: Florian Weimer: "Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC"
Next in thread: Florian Weimer: "Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2018-12-12 at 19:02 -0800, Matthew Wilcox wrote:
> On Wed, Dec 12, 2018 at 09:17:07AM +0100, MickaÃl SalaÃn wrote:
> > The goal of this patch series is to control script interpretation. A
> > new O_MAYEXEC flag used by sys_open() is added to enable userland script
> > interpreter to delegate to the kernel (and thus the system security
> > policy) the permission to interpret scripts or other files containing
> > what can be seen as commands.
>
> I don't have a problem with the concept, but we're running low on O_ bits.
> Does this have to be done before the process gets a file descriptor,
> or could we have a new syscall? Since we're going to be changing the
> interpreters anyway, it doesn't seem like too much of an imposition to
> ask them to use:
>
> int verify_for_exec(int fd)
>
> instead of adding an O_MAYEXEC.

The indication needs to be set during file open, before the open
returns to the caller. ÂThis is the point where ima_file_check()
verifies the file's signature. ÂOn failure, access to the file is
denied.

Mimi

Next message: Kyle Tso: "Re: [PATCH] usb: typec: tcpm: Extend the matching rules on PPS APDO selection"
Previous message: Vincent Guittot: "Re: [PATCH v2] sched/fair: fix 1 task per CPU"
In reply to: Florian Weimer: "Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC"
Next in thread: Florian Weimer: "Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]