Date:	Sat, 10 Jan 2015 00:01:08 +0000
From:	Al Viro <viro@...IV.linux.org.uk>
To:	Andy Lutomirski <luto@...capital.net>
Cc:	Rich Felker <dalias@...ifal.cx>,
	David Drysdale <drysdale@...gle.com>,
	"Michael Kerrisk (man-pages)" <mtk.manpages@...il.com>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Meredydd Luff <meredydd@...atehouse.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	David Miller <davem@...emloft.net>,
	Thomas Gleixner <tglx@...utronix.de>,
	Stephen Rothwell <sfr@...b.auug.org.au>,
	Oleg Nesterov <oleg@...hat.com>,
	Ingo Molnar <mingo@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>,
	Kees Cook <keescook@...omium.org>,
	Arnd Bergmann <arnd@...db.de>,
	Christoph Hellwig <hch@...radead.org>, X86 ML <x86@...nel.org>,
	linux-arch <linux-arch@...r.kernel.org>,
	Linux API <linux-api@...r.kernel.org>,
	sparclinux@...r.kernel.org
Subject: Re: [PATCHv10 man-pages 5/5] execveat.2: initial man page for
 execveat(2)

On Fri, Jan 09, 2015 at 03:24:12PM -0800, Andy Lutomirski wrote:

> I think that, if we really want to support clean fexecve on O_CLOEXEC
> scripts some day, the right way to do it is to fix the script
> interface for real.  Have a special flag in the headers of script
> interpreters that support a new interface that says "when I'm a script
> interpreter, I expect an auxv entry AT_SCRIPT_FD with an open fd with
> CLOEXEC set".  Then we can directly exec scripts by fd, even with
> O_CLOEXEC set, without any races.

Amazing.  Let me see if I got it straight - you want a magical Linux-only
flag to mark the binaries that might be used as interpreters.  _Plus_ the
Linux-only logics in their source to go with that.  With corresponding kludges
to parsing the command line (you know, like #!/usr/bin/make -f as the first
line in a script - somehow it should recognize the deep magic of the oh
so fucking superior interface and suppress the normal behaviour).  Maintained
by hell knows whom.  Onna stick.  Inna bun.  CMOT Dibbler would be proud...