Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751283AbWIWQgu (ORCPT ); Sat, 23 Sep 2006 12:36:50 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1751285AbWIWQgu (ORCPT ); Sat, 23 Sep 2006 12:36:50 -0400 Received: from mail.aknet.ru ([82.179.72.26]:56332 "EHLO mail.aknet.ru") by vger.kernel.org with ESMTP id S1751283AbWIWQgt (ORCPT ); Sat, 23 Sep 2006 12:36:49 -0400 Message-ID: <451562F3.90103@aknet.ru> Date: Sat, 23 Sep 2006 20:38:11 +0400 From: Stas Sergeev User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Hugh Dickins Cc: Andrew Morton , Ulrich Drepper , Linux kernel Subject: Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps References: <45150CD7.4010708@aknet.ru> <451555CB.5010006@aknet.ru> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1336 Lines: 32 Hi. Hugh Dickins wrote: > nor with shm_open. It's just that the kernel is not allowing > mmap PROT_EXEC on a MNT_NOEXEC mount. Which seems reasonable Even for the MAP_PRIVATE mmaps? But what does that solve? Even if you restrict mprotect() too, the malicious app will simply read() the code in the anonymously mapped region, while the properly-written code just breaks. Is it documented in any spec or done in any other system? > If that's a problem for something, don't mount "noexec" Yes, I myself think "noexec" is rather useless and can always be bypassed. But whether that particular handling is correct, doesn't look obvious to me. >> Thanks for the pointer, but that looks like the user-space >> issue to me. Why ld.so can't figure out the "noexecness" and >> do the right thing itself? > That would be tiresome work. >> Or does it figure out the "noexecness" >> exactly by trying the PROT_EXEC mmap and see if it fails? > Exactly. So do you mean such a checks were added as a quick hack till the proper solution is implemented? That may explain the issue, at least partially... - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/