Re: [RFC][PATCH] exec: Use init rlimits for setuid exec

From: Linus Torvalds
Date: Thu Jul 06 2017 - 12:50:49 EST

Next message: Peter Zijlstra: "Re: [PATCH v2 0/9] Remove spin_unlock_wait()"
Previous message: Arvind Yadav: "[PATCH] nfc: nxp-nci: constify acpi_device_id."
In reply to: Linus Torvalds: "Re: [RFC][PATCH] exec: Use init rlimits for setuid exec"
Next in thread: Kees Cook: "Re: [RFC][PATCH] exec: Use init rlimits for setuid exec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jul 6, 2017 at 9:34 AM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> (a) minimal: just use our existing default stack (and stack _only_)
> limit value for suid binaries that actually get extra permissions: {
> _STK_LIM, RLIM_INFINITY }.
>
> (c) perhaps encourage people to annotate their suid binaries with
> initial resource requirements (and for stack, I mean the existing
> GNU_STACK ELF annotation in particular).

The more I look at that combination, the more I like it.

We already parse PT_GNU_STACK, and we already take the permission
values from there.

So taking the "p_memsz" field from there to mean the stack limit (if
it is non-zero) would be not only simple, but logical and clean.

And so if something ever wants more stack than 8MB, it would be
trivial to just use elf tools to mark that segment.

Ok, I admit that I don't know if there are any sane elf tools that do
this easily, but it still sounds conceptually like the RightThing(tm)
to do.

Linus

Next message: Peter Zijlstra: "Re: [PATCH v2 0/9] Remove spin_unlock_wait()"
Previous message: Arvind Yadav: "[PATCH] nfc: nxp-nci: constify acpi_device_id."
In reply to: Linus Torvalds: "Re: [RFC][PATCH] exec: Use init rlimits for setuid exec"
Next in thread: Kees Cook: "Re: [RFC][PATCH] exec: Use init rlimits for setuid exec"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]