Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)

From: Florian Weimer
Date: Mon May 18 2020 - 03:26:57 EST


* Kees Cook:

> I think I misunderstood what you meant (MickaÃÂl got me sorted out
> now). If O_EXEC is already meant to be "EXEC and _not_ READ nor WRITE",
> then yes, this new flag can't be O_EXEC. I was reading the glibc
> documentation (which treats it as a permission bit flag, not POSIX,
> which treats it as a complete mode description).

I see. I think this part of the manual is actually very Hurd-specific
(before the O_ACCMODE description). I'll see if I can make this clearer
in the markup.

Thanks,
Florian