lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 08 Oct 2006 14:36:07 +0400
From:	Stas Sergeev <stsp@...et.ru>
To:	Jeremy Fitzhardinge <jeremy@...p.org>
Cc:	Alan Cox <alan@...rguk.ukuu.org.uk>,
	Jakub Jelinek <jakub@...hat.com>,
	Arjan van de Ven <arjan@...radead.org>,
	Linux kernel <linux-kernel@...r.kernel.org>,
	Hugh Dickins <hugh@...itas.com>,
	Ulrich Drepper <drepper@...hat.com>
Subject: Re: [patch] honour MNT_NOEXEC for access()

Hi.

Jeremy Fitzhardinge wrote:
>> What if the currently-unused MAP_EXECUTABLE flag became a
>> way for the program to express that it needs an exec perm,
>> and so the mmap should fail if there is none? I think ld.so
>> will be happy using such a flag...
> Yes, but it doesn't solve the fact that there isn't really anything 
> special about ld.so, so putting special checks into it doesn't really 
But this is not the checks - just a flag, MAP_EXECUTABLE, which
may mean that the exec perms are required.
Currently there is no way for the program to express that
explicitly (if only by the use of the mprotect call), so
why not to add one?

> Also, I guess there's the general question of what the noexec mount flag 
> really means?  Does it mean "make the execve syscall fail", or does it 
> mean "no bits on this filesystem may be interpreted as instructions".  
Since PROT_EXEC doesn't require an exec perm on file, I don't
see why "noexec" should be special.

> The former is simple to implement, but probably not very useful; the 
It can be usefull if you put it on all the user-writable
mounts of yours - then someone can't easily exec his exploit.

> latter is not possible to implement in general.
At least without selinux - yes, so my question was why to
even add the hacks.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ