Re: [PATCH v6 5/6] binfmt_*: scope path resolution of interpreters

From: Linus Torvalds
Date: Sun May 12 2019 - 06:52:40 EST

Next message: Hariprasad Kelam: "[PATCH v3] drivers: staging : wlan-ng : collect return status without variable"
Previous message: Guido GÃnther: "[PATCH v11 0/2] Mixel MIPI DPHY support for NXPs i.MX8 SOCs"
In reply to: Christian Brauner: "Re: [PATCH v6 5/6] binfmt_*: scope path resolution of interpreters"
Next in thread: Aleksa Sarai: "Re: [PATCH v6 5/6] binfmt_*: scope path resolution of interpreters"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, May 11, 2019 at 7:37 PM Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote:
>
> I bet this will break something that already exists. An execveat() flag to turn off /proc/self/exe would do the trick, though.

Thinking more about it, I suspect it is (once again) wrong to let the
thing that does the execve() control that bit.

Generally, the less we allow people to affect the lifetime and
environment of a suid executable, the better off we are.

But maybe we could limit /proc/*/exe to at least not honor suid'ness
of the target? Or does chrome/runc depend on that too?

Linus

Next message: Hariprasad Kelam: "[PATCH v3] drivers: staging : wlan-ng : collect return status without variable"
Previous message: Guido GÃnther: "[PATCH v11 0/2] Mixel MIPI DPHY support for NXPs i.MX8 SOCs"
In reply to: Christian Brauner: "Re: [PATCH v6 5/6] binfmt_*: scope path resolution of interpreters"
Next in thread: Aleksa Sarai: "Re: [PATCH v6 5/6] binfmt_*: scope path resolution of interpreters"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]