Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC

From: Florian Weimer
Date: Wed Dec 12 2018 - 15:13:28 EST

Next message: Gustavo A. R. Silva: "[PATCH] KVM: arm/arm64: vgic: fix off-by-one bug in vgic_get_irq()"
Previous message: Daniel Wang: "Re: 4.14 backport request for dbdda842fe96f: "printk: Add console owner and waiter logic to load balance console writes""
In reply to: James Morris: "Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC"
Next in thread: James Morris: "Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* James Morris:

> If you're depending on the script interpreter to flag that the user may
> execute code, this seems to be equivalent in security terms to depending
> on the user. e.g. what if the user uses ptrace and clears O_MAYEXEC?

The argument I've heard is this: Using ptrace (and adding the +x
attribute) are auditable events.

Florian

Next message: Gustavo A. R. Silva: "[PATCH] KVM: arm/arm64: vgic: fix off-by-one bug in vgic_get_irq()"
Previous message: Daniel Wang: "Re: 4.14 backport request for dbdda842fe96f: "printk: Add console owner and waiter logic to load balance console writes""
In reply to: James Morris: "Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC"
Next in thread: James Morris: "Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]