To: linux-kernel@vger.kernel.org
Path: not-for-mail
From: daw@cs.berkeley.edu (David Wagner)
Newsgroups: isaac.lists.linux-kernel
Subject: Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps
Date: Wed, 4 Oct 2006 03:11:40 +0000 (UTC)
Organization: University of California, Berkeley
Message-ID: <efv8pc$31o$1@taverner.cs.berkeley.edu>
References: <45150CD7.4010708@aknet.ru> <45229C8E.6080503@redhat.com> <4522A691.7070700@aknet.ru> <4522B7CD.4040206@redhat.com>
Reply-To: daw-usenet@taverner.cs.berkeley.edu (David Wagner)
NNTP-Posting-Host: taverner.cs.berkeley.edu
NNTP-Posting-Date: Wed, 4 Oct 2006 03:11:40 +0000 (UTC)
Originator: daw@taverner.cs.berkeley.edu (David Wagner)
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 905
Lines: 16

Ulrich Drepper  wrote:
>noexec mounts the way _you_ want them are completely, utterly useless.
>nonexec mounts as they are today plus an upcoming mprotect patch give
>fine grained control.

Are you familiar with the mmap(PROT_EXEC, MAP_ANONYMOUS) loophole?

Even with the upcoming mprotect patch, it will still be straightforward
to circumvent the noexec protections.

>You have to use additional mechanism like SELinux
>to fill in all the holes but that's OK.

Is it even possible to use SELinux to fill in all the holes?  Can you
point me to the SELinux policy that fills in all the holes (including,
for instance, addressing mmap(PROT_EXEC, MAP_ANONYMOUS))?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/