Message-ID: <e166bc39-4d3e-ff03-6b14-3a05a487acc3@phasetw0.com>
Date: Tue, 1 Feb 2022 12:54:08 -0800
From: hypervis0r <hypervis0r@...setw0.com>
To: dalias@...c.org
Cc: ariadne@...eferenced.org, ebiederm@...ssion.com,
keescook@...omium.org, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, viro@...iv.linux.org.uk
Subject: Re: [PATCH] fs/exec: require argv[0] presence in do_execveat_common()
> I'm not really opposed to attempting to change this with consensus
> (like, actually proposing it on the Austin Group tracker), but a less
> invasive change would be just enforcing it for the case where exec is
> a privilege boundary (suid/sgid/caps). There's really no motivation
> for changing longstanding standard behavior in a
> non-privilege-boundary case.

I don't really see it as a matter of "maintaining standard behavior".
There are very few uses for this ABI feature to be present, and it only
serves to make applications harder to port between Linux and other *nix
systems. The pros (major vulnerabilities like CVE-2021-4034) outweigh
the cons (minor userland ABI change that only affects shellcode on
shell-storm.org) in this particular scenario, and I am all for this patch.