* Makan Pourzandi (Makan.Pourzandi@xxxxxxxxxxxx) wrote:
Serge E. Hallyn wrote:
Quoting Chris Wright (chrisw@xxxxxxxx):
AFAICT, this means anybody with read access to a file can block all
writes. This doesn't sound great.
True.
This could be fixed by adding a check at the top of dsi_file_mmap for
file->f_dentry->d_inode->i_mode & MAY_EXEC. Of course then shared
libraries which are installed without execute permissions will cause
apps to break. On my quick test, I couldn't run xterm or vi :)
Note that blocking writes requires that the file be a valid ELF file,
as this is all that digsig mediates. So I'm not sure which we worry
about more - the fact that all shared libraries have to be installed
with execute permissions (under the proposed solution), or that write
My 2 cents, a quick browsing on my machine (fedora core 1) shows that almost all my shared libraries are installed with both execution and read permissions. IMHO, I don't believe then that this should be considered as a major issue.
This has nothing to do with file permissions aside of read. All you need
is read permission, then you can mmap(PROT_EXEC) which will kick off the
check, and do deny_write_access. It's a freeform way to lock writers
out of any readable file in the system. This is why MAP_EXECUTABLE and
MAP_DENYWRITE are masked off at syscall entry.
thanks,
-chris