On Tue, Oct 30, 2001 at 08:06:22AM -0800, cgd@broadcom.com wrote:

 > thorpej@wasabisystems.com ("Jason R Thorpe") writes:
 > > But even what you're suggesting wouldn't be "the right way".  Add +x to
 > > libc.so and then do "./libc.so".  This isn't really what you want, either.
 > 
 > Arguably that's a deficiency in sys_execve() then.
 > 
 > But in any case, it's a _whole_ lot better than allowing a malicious
 > user to cause any readable file to become unwritable (or, i guess, not
 > open()able for write, right?).

Yes, but this problem is currently avoided with the VEXECMAP flag.

-- 
        -- Jason R. Thorpe <thorpej@wasabisystems.com>