lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <200612280032.26101.rob@landley.net>
Date:	Thu, 28 Dec 2006 00:32:25 -0500
From:	Rob Landley <rob@...dley.net>
To:	Denis Vlasenko <vda.linux@...glemail.com>
Cc:	ray-gmail@...rabbit.org, linux-kernel@...r.kernel.org,
	"David McCullough" <david_mccullough@...securecomputing.com>
Subject: Re: Feature request: exec self for NOMMU.

On Wednesday 27 December 2006 9:48 pm, Denis Vlasenko wrote:
> Yes Rob, I know it can be done like this. But we don't want this.
> In the tar example, we want :
> 
> 'Run my own binary again, with parameters: "zcat" "a.tar.gz",
> even if there is no [/usr][/local]/bin/zcat -> busybox link anywhere'
> 
> We do not want to _search for_ zcat. We want to reexec our own binary.

If we find our own binary, we can reexec it.  What we search for isn't zcat, 
it's argv[0], and the search needs to be done in main() before any logic that 
can chdir or set $PATH gets called.  Then save that path until we need it.

The kernel does not currently provide an easy way to do exec ourselves, but we 
can do it ourself.  (And this is a way to do it _without_ proc.)

The problem is, there's no guarante that argv[0] is actually the first 
argument to exec(), it can be any arbitrary string.  (In fact, if tar wants 
to re-exec itself as zcat, we can take advantage of this with 
execv("/blah/tar", ["zcat", "-"]);)  So it's still a hack.  It should work if 
we're called from a shell, but not necessarily from elsewhere.

*shrug*  Kernel support for re-execing ourself would be nice, especially in 
combination with vfork().  If not, I'll figure something out and make it work 
in toybox.  There are a half-dozen non-kernel approaches, all varying degrees 
of hackish.  (And daemonize() can probably be done with clone().)

Rob
-- 
"Perfection is reached, not when there is no longer anything to add, but
when there is no longer anything to take away." - Antoine de Saint-Exupery
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ