| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 03 Oct 2006 22:06:09 +0400 From: Stas Sergeev <stsp@...et.ru> To: Ulrich Drepper <drepper@...hat.com> Cc: Arjan van de Ven <arjan@...radead.org>, Linux kernel <linux-kernel@...r.kernel.org>, Alan Cox <alan@...rguk.ukuu.org.uk>, Hugh Dickins <hugh@...itas.com>, Valdis.Kletnieks@...edu Subject: Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps Hello. Ulrich Drepper wrote: > You keep repeating the same nonsense over and over again, lot listening > to anybody who doesn't agree with your position. My position is simple: the ld.so problem needs a better solution than the current one. The current one, for example, still allows to use ld.so directly to execute the files for which you do not have an exec permission. And that's not an only problem... > If you don't want to have the noexec semantics on a filesystem, remove > it. And allow an attacker to store his files on that partition, and then execute them. > Not using the strict (mmap + protect) makes the whole thing There is no "mmap + mprotect" here - only mmap was changed. > completely meaningless since ld.so can be invoked directly. I have already proposed another solution for ld.so problem 3 times. That fact doesn't make it a good solution of course, but obviously you haven't had a look. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists