Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Fri, 5 Oct 2001 14:50:07 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Fri, 5 Oct 2001 14:49:58 -0400 Received: from waste.org ([209.173.204.2]:10811 "EHLO waste.org") by vger.kernel.org with ESMTP id ; Fri, 5 Oct 2001 14:49:47 -0400 Date: Fri, 5 Oct 2001 13:51:50 -0500 (CDT) From: Oliver Xymoron To: Linus Torvalds cc: Horst von Brand , "Eric W. Biederman" , Alan Cox , Alexander Viro , Subject: Re: Security question: "Text file busy" overwriting executables but In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 5 Oct 2001, Linus Torvalds wrote: > On Fri, 5 Oct 2001, Horst von Brand wrote: > > > Linus Torvalds said: > > > On 5 Oct 2001, Eric W. Biederman wrote: > > > > [...] > > > > > > Currently checking to see if the file is executable looks good > > > > enough. > > > > > > [ executable by the user in question, not just anybody ] > > > > > > Yes, I suspect it is. > > > > Who is "user in question"? It is quite legal (if strange) to have a file > > user A can modify, but not execute, while B can execute it. > > The "user in question" being the one that actually does the > mmap(MAP_DENYWRITE). If _he_ can execute the file, that would be > reason enough to think that he can deny others from writing to it while he > has it mapped.. This violates principle of least surprise. It _should_ be harmless for an admin to mark /var/log/utmp +x, yes? Stupid, but harmless. Now suppose it lives on VFAT... -- "Love the dolphins," she advised him. "Write by W.A.S.T.E.." - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/