Re: [PATCH v2] fs/exec: require argv[0] presence in do_execveat_common()

From: Kees Cook
Date: Wed Jan 26 2022 - 16:25:31 EST

Next message: Guenter Roeck: "Re: [PATCH 4.4 000/114] 4.4.300-rc1 review"
Previous message: Jack Wang: "Re: [PATCH 5.10 01/25] md: revert io stats accounting"
In reply to: Ariadne Conill: "Re: [PATCH v2] fs/exec: require argv[0] presence in do_execveat_common()"
Next in thread: Ariadne Conill: "Re: [PATCH v2] fs/exec: require argv[0] presence in do_execveat_common()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jan 26, 2022 at 03:13:10PM -0600, Ariadne Conill wrote:
> Looks good to me, but I wonder if we shouldn't set an argv of
> {bprm->filename, NULL} instead of {"", NULL}. Discussion in IRC led to the
> realization that multicall programs will try to use argv[0] and might crash
> in this scenario. If we're going to fake an argv, I guess we should try to
> do it right.

They're crashing currently, though, yes? I think the goal is to move
toward making execve(..., NULL, NULL) just not work at all. Using the
{"", NULL} injection just gets us closer to protecting a bad userspace
program. I think things _should_ crash if they try to start depending
on this work-around.

--
Kees Cook

Next message: Guenter Roeck: "Re: [PATCH 4.4 000/114] 4.4.300-rc1 review"
Previous message: Jack Wang: "Re: [PATCH 5.10 01/25] md: revert io stats accounting"
In reply to: Ariadne Conill: "Re: [PATCH v2] fs/exec: require argv[0] presence in do_execveat_common()"
Next in thread: Ariadne Conill: "Re: [PATCH v2] fs/exec: require argv[0] presence in do_execveat_common()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]