tech-kern archive
Re: fexecve, round 2
On Mon, Nov 19, 2012 at 05:23:07AM +0000, David Holland wrote:
> Also, it obviously needs to be possible to open files O_RDONLY|O_EXEC
> for O_EXEC to be useful, and open directories O_RDONLY|O_SEARCH, and
> so forth. I don't know what POSIX may have been thinking when they
> tried to forbid this but forbidding it makes about as much sense as
> forbidding O_RDWR, maybe less.
It seems consistent with the check at system call time that you proposed
to forbid. Here is how I understand it for an openat/mkdirat sequence:
- openat() without O_SEARCH, get a search check at mkdirat() time
- openat() with O_SEARCH, mkdirat() performs no search check.
and for openat/fexecve:
- openat() without O_EXEC, get an execute check at fexecve() time
- openat() with O_EXEC, fexecve() performs no exec check.
If you have r-x permission, you open with O_RDONLY and you do not need
O_SEARCH/O_EXEC.
If you have --x permission, you open with O_SEARCH/O_EXEC.
--
Emmanuel Dreyfus
manu%netbsd.org@localhost
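
The rule described in the message above, as an added example that is not part of the original post and is not NetBSD kernel code: a user-space model of where the search/execute check happens, which also shows what follows from the rule when permissions change after the open. All names (`model_openat`, `model_use`, `M_RDONLY`, `M_XONLY`, the `P_*` bits) are hypothetical; `M_XONLY` stands in for O_SEARCH/O_EXEC.

```c
#include <stdbool.h>
#include <stdio.h>

/* Permission bits the caller holds on the object (constructed model values). */
enum { P_R = 4, P_W = 2, P_X = 1 };
/* Hypothetical model flags, not the system's O_* constants. */
enum { M_RDONLY = 1, M_XONLY = 2 };   /* M_XONLY models O_SEARCH / O_EXEC */

struct model_fd {
    bool valid;       /* the open succeeded */
    bool x_granted;   /* search/exec right was checked and recorded at open */
    const int *perm;  /* live permission bits; may change after the open */
};

/* openat(): O_RDONLY requires r; O_SEARCH/O_EXEC requires x and records it. */
struct model_fd model_openat(const int *perm, int flags)
{
    struct model_fd fd = { false, false, perm };
    if ((flags & M_RDONLY) && !(*perm & P_R)) return fd;   /* EACCES */
    if ((flags & M_XONLY) && !(*perm & P_X)) return fd;    /* EACCES */
    fd.valid = true;
    fd.x_granted = (flags & M_XONLY) != 0;
    return fd;
}

/* mkdirat()/fexecve() on the descriptor: no check if it was done at open,
 * otherwise a search/exec check at system call time. */
bool model_use(const struct model_fd *fd)
{
    if (!fd->valid) return false;
    if (fd->x_granted) return true;
    return (*fd->perm & P_X) != 0;
}

int main(void)
{
    int perm = P_R | P_X;                           /* r-x at open time */
    struct model_fd plain = model_openat(&perm, M_RDONLY);
    struct model_fd xonly = model_openat(&perm, M_XONLY);
    perm = P_R;                                     /* x removed after the opens */
    printf("O_RDONLY fd, late check: %s\n", model_use(&plain) ? "ok" : "EACCES");
    printf("O_EXEC fd, no late check: %s\n", model_use(&xonly) ? "ok" : "EACCES");
    return 0;
}
```
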