Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756253AbXFWSBh (ORCPT ); Sat, 23 Jun 2007 14:01:37 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1754044AbXFWSBb (ORCPT ); Sat, 23 Jun 2007 14:01:31 -0400 Received: from sovereign.computergmbh.de ([85.214.69.204]:2001 "EHLO sovereign.computergmbh.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754007AbXFWSBa (ORCPT ); Sat, 23 Jun 2007 14:01:30 -0400 Date: Sat, 23 Jun 2007 20:01:29 +0200 (CEST) From: Jan Engelhardt To: Alexander Wuerstlein cc: Arjan van de Ven , linux-kernel@vger.kernel.org, arw@arw.name Subject: Re: [PATCH] Check files' signatures before doing suid/sgid [2/4] In-Reply-To: <20070621174612.GG9741@cip.informatik.uni-erlangen.de> Message-ID: References: <11824417551424-git-send-email-arw@arw.name> <1182446251.2704.0.camel@laptopd505.fenrus.org> <20070621172557.GE9741@cip.informatik.uni-erlangen.de> <1182446983.2704.4.camel@laptopd505.fenrus.org> <20070621174612.GG9741@cip.informatik.uni-erlangen.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 705 Lines: 19 On Jun 21 2007 19:46, Alexander Wuerstlein wrote: > >If a process uses read() it needs some executable and writable memory. We do >check for this in mprotect(). There is a problem with the i386-architecture, >because it allows execution of any readable page (except with newer >processors). But beyond that ugliness of i386, it should not be possible to >execute anything without us noticing it (hopefully). r and x together is not a problem IMHO. Jan -- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/