Message-ID: <1158166a0906241649u78c717c4q8aebfe16e6018e78@mail.gmail.com>
Date:	Thu, 25 Jun 2009 01:49:13 +0200
From:	Denys Vlasenko <vda.linux@...glemail.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org, vapier@...too.org
Subject: Re: [PATCH] allow execve'ing "/proc/self/exe" even if /proc is not 
	mounted

On Thu, Jun 25, 2009 at 1:21 AM, Andrew Morton <akpm@...ux-foundation.org> wrote:
> On Thu, 25 Jun 2009 01:00:56 +0200
> Denys Vlasenko <vda.linux@...glemail.com> wrote:
>> In some circumstances running process needs to re-execute
>> its image.
...
>> More elegant way is to execute /proc/self/exe.
>> This works just fine as long as /proc is mounted.
>>
>> But it breaks if /proc isn't mounted, and this can happen in real-world
>> usage. For example, when shell invoked very early in initrd/initramfs.
>
> Why can't userspace mount /proc before doing the daemonization?

Some people want to unset CONFIG_PROC_FS, and still have
working POSIX compatible shell. Coincidentally, NOMMU
machines, ones which *require* re-execution of the shell to support that,
tend to be the most memory starved machines too (thus most likely
to be those where people desire to unset CONFIG_PROC_FS).

> Oh geeze.  Hard-coded "/proc/self/exec" in the middle of the core exec
> code?  You're a brave man.

There are other alternatives. This looked to be the least ugly
to me.

We can special-case execve(NULL, ...).
But I feared people would say this will change previously-buggy
userspace code into one acting weirdly; in some cases
leading to infinite execve loops. Do you think it's better
than "/proc/self/exe"?

Then I thought about using a special name to mean "re-execute me",
like "", or "/./self" or whatever. Whatever I thought about,
it was either risking a collision with a real file, or was too ugly,
or both.

Then it occurred to me that "/proc/self/exe" _already is_
such a name. It is _already used_ for this purpose, so the userspace
does not need to be changed.

For the extra non-intrusiveness, the hack kicks in only if
/proc/self/exe does not exist.


[code style notes skipped. I will re-write it in whatever form
 you like it most, when/if it is agreed on in principle ]

> But don't do any of that yet.  This will be an unpopular patch and I
> fear for its future ;)

Propose some other way to make it possible to re-execute a binary
without /proc.
--
vda
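The userspace side of the problem discussed above, as an added example that is not part of the original message or of the proposed kernel patch: a program that re-executes its own image via /proc/self/exe, falls back to a path it resolved at startup when /proc is not mounted, and caps the number of generations so a bug cannot become the infinite execve loop Denys worries about. The guard variable name SELF_REEXEC_DEPTH and the limit of three generations are assumptions chosen for illustration. The security-relevant point is the ordering: /proc/self/exe names the running image regardless of argv[0], cwd or PATH, while the fallback trusts a path derived from argv[0], so it is only accepted when absolute and is resolved once, before any chdir().

```c
/* Re-exec helper: prefer /proc/self/exe, fall back to a path saved at
 * startup when /proc is not mounted.  Added example; not the kernel
 * patch under discussion. */
#define _GNU_SOURCE
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#ifndef PATH_MAX
#define PATH_MAX 4096
#endif

#define REEXEC_GUARD "SELF_REEXEC_DEPTH"  /* hypothetical guard variable */
#define REEXEC_MAX   3                    /* illustrative generation cap */

/* Choose the path used to re-execute ourselves.  Returns 0 and fills
 * `out` on success, -1 with errno set if no usable path exists. */
int choose_self_exe(char *out, size_t outlen, const char *saved_argv0)
{
    /* Preferred: /proc/self/exe.  Probe it explicitly so the failure
     * mode without /proc is visible instead of surfacing as an
     * execve() ENOENT later. */
    if (access("/proc/self/exe", F_OK) == 0) {
        if (strlen("/proc/self/exe") + 1 > outlen) {
            errno = ENAMETOOLONG;
            return -1;
        }
        strcpy(out, "/proc/self/exe");
        return 0;
    }
    /* Fallback: a path saved at startup.  Only absolute paths are
     * accepted; a relative argv[0] would be resolved against the current
     * working directory or PATH at exec time, both attacker-influenced. */
    if (saved_argv0 && saved_argv0[0] == '/') {
        if (strlen(saved_argv0) + 1 > outlen) {
            errno = ENAMETOOLONG;
            return -1;
        }
        strcpy(out, saved_argv0);
        return 0;
    }
    errno = ENOENT;
    return -1;
}

/* Parse the generation counter from the guard variable.  Unset means
 * generation 0; garbage or out-of-range values are treated as exhausted
 * so a corrupted environment cannot extend the loop. */
int reexec_depth(const char *val)
{
    if (!val)
        return 0;
    char *end;
    long n = strtol(val, &end, 10);
    if (*end != '\0' || n < 0 || n > REEXEC_MAX)
        return REEXEC_MAX;
    return (int)n;
}

/* Re-execute the current image with the same argv.  Returns only on
 * failure (-1, errno set); refuses once REEXEC_MAX generations are reached. */
int reexec_self(char *const argv[], const char *saved_argv0)
{
    char path[PATH_MAX];
    char depth_str[16];
    int depth = reexec_depth(getenv(REEXEC_GUARD));

    if (depth >= REEXEC_MAX) {
        errno = ELOOP;
        return -1;
    }
    snprintf(depth_str, sizeof depth_str, "%d", depth + 1);
    if (setenv(REEXEC_GUARD, depth_str, 1) != 0)
        return -1;
    if (choose_self_exe(path, sizeof path, saved_argv0) != 0)
        return -1;
    execv(path, argv);
    return -1; /* execv() only returns on error */
}

int main(int argc, char *argv[])
{
    static char saved[PATH_MAX];
    (void)argc;
    /* Resolve argv[0] once, before any chdir(), for the no-/proc case.
     * This is best effort: a bare name found via PATH may not resolve. */
    if (!realpath(argv[0], saved))
        saved[0] = '\0';

    int depth = reexec_depth(getenv(REEXEC_GUARD));
    printf("generation %d, pid %d\n", depth, (int)getpid());
    if (depth < 2) {
        reexec_self(argv, saved);
        perror("reexec_self");
        return 1;
    }
    return 0;
}
```

Running the binary twice re-executes it through two generations and then stops; unsetting /proc (or running inside a chroot without it) exercises the fallback branch, and a hand-set SELF_REEXEC_DEPTH=3 makes reexec_self() fail with ELOOP instead of looping.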