Subject: Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
From: Arjan van de Ven <arjan@infradead.org>
To: Stas Sergeev <stsp@aknet.ru>
Cc: Andrew Morton <akpm@osdl.org>, Linux kernel <linux-kernel@vger.kernel.org>
In-Reply-To: <45150CD7.4010708@aknet.ru>
References: <45150CD7.4010708@aknet.ru>
Content-Type: text/plain
Organization: Intel International BV
Date: Sun, 24 Sep 2006 02:53:38 +0200
Message-Id: <1159059219.3093.276.camel@laptopd505.fenrus.org>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1156
Lines: 35

On Sat, 2006-09-23 at 14:30 +0400, Stas Sergeev wrote:
> Hi Andrew.
> 
> I am not sure at all whether this patch is appreciated
> or not. The on-list query yielded no results, but I have
> to try. :)
> 
> This patch removes the MNT_NOEXEC check for the PROT_EXEC
> mappings. 

so you remove a security check ...

> That allows to mount tmpfs with "noexec" option
> without breaking the existing apps, which is what debian
> wants to do for sequrity reasons:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=386945

... to add a "security" feature?

sounds like the wrong tradeoff!

If you can mmap PROT_EXEC the "noexec" mount option doesn't mean
anything! Because a elf binary loader is easily written in
perl/shell/whatever, the kernel "x" bit is just a convenience there!
The PROT_EXEC check at least makes it a bit harder to do anything like
this; not impossible obviously

Greetings,
   Arjan van de Ven

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/