On Mon, Nov 19, 2012 at 05:23:07AM +, David Holland wrote:
Also, it obviously needs to be possible to open files O_RDONLY|O_EXEC
for O_EXEC to be useful, and open directories O_RDONLY|O_SEARCH, and
so forth. I don't know what POSIX may have been thinking when they
tried to forbid this but
On Mon, Nov 19, 2012 at 05:23:07AM +, David Holland wrote:
On Sun, Nov 18, 2012 at 06:51:51PM +, David Holland wrote:
This appears to contradict either the description of O_EXEC in the
standard, or the standard's rationale for adding fexecve(). The
standard says
On Mon, Nov 19, 2012 at 08:08:58AM +, Emmanuel Dreyfus wrote:
On Mon, Nov 19, 2012 at 05:23:07AM +, David Holland wrote:
Also, it obviously needs to be possible to open files O_RDONLY|O_EXEC
for O_EXEC to be useful, and open directories O_RDONLY|O_SEARCH, and
so forth. I don't know
On Mon, 19 Nov 2012 08:38:11 +
David Laight da...@l8s.co.uk wrote:
On Mon, Nov 19, 2012 at 08:08:58AM +, Emmanuel Dreyfus wrote:
If you have r-x permission, you open with O_RDONLY and you do not
need O_SEARCH/O_EXEC.
If you have --x permission, you open with O_SEARCH/O_EXEC
On Mon, Nov 19, 2012 at 02:39:36PM +, Julian Yon wrote:
No, Emmanuel is right: [...] use the O_EXEC flag when opening fd. In
this case, the application will not be able to perform a checksum test
since it will not be able to read the contents of the file. You can
open with --x but
On Mon, Nov 19, 2012 at 03:13:02PM +, Emmanuel Dreyfus wrote:
On Mon, Nov 19, 2012 at 02:39:36PM +, Julian Yon wrote:
No, Emmanuel is right: [...] use the O_EXEC flag when opening fd. In
this case, the application will not be able to perform a checksum test
since it will not be able
On Mon, Nov 19, 2012 at 11:25:07AM -0500, Thor Lancelot Simon wrote:
On Mon, Nov 19, 2012 at 03:13:02PM +, Emmanuel Dreyfus wrote:
On Mon, Nov 19, 2012 at 02:39:36PM +, Julian Yon wrote:
No, Emmanuel is right: [...] use the O_EXEC flag when opening fd. In
this case, the
David Laight da...@l8s.co.uk wrote:
Given the comments later about O_SEARCH | O_RDONLY not being distinguishable
from O_SEARCH
The satandard forbids O_SEARCH | O_RDONLY anyway, so it should not be a
problem.
--
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
m...@netbsd.org
On Apr 11, 9:48am, Emmanuel Dreyfus wrote:
} On Mon, Nov 19, 2012 at 02:39:36PM +, Julian Yon wrote:
} No, Emmanuel is right: [...] use the O_EXEC flag when opening fd. In
} this case, the application will not be able to perform a checksum test
} since it will not be able to read the
On Sat, Nov 17, 2012 at 11:48:20AM +0100, Emmanuel Dreyfus wrote:
Here is an attempt to address what was said about implementing fexecve()
fexecve() checks that the vnode underlying the fd :
- is of type VREG
- grants execution right
O_EXEC cause open()/openat() to fail if the file mode
Rhialto rhia...@falu.nl wrote:
The definition is really vague. As I understand, nothing forbids opening
O_EXEC|O_RDWR.
Applications shall specify exactly one of the first five values (file
access modes) below in the value of oflag:
Right, I missed that point.
--
Emmanuel Dreyfus
On Sat, Nov 17, 2012 at 06:42:50PM -0500, Thor Lancelot Simon wrote:
O_EXEC cause open()/openat() to fail if the file mode does not grant
execute rights
There are security concerns with fd passed to chrooted processes, which
could help executing code. Here is a proposal for
David Holland dholland-t...@netbsd.org wrote:
The standard is clearly wrong on a number of points and doesn't match
the historical design and behavior of Unix. Let's either implement
something correct, or not implement it at all.
Do you have something correct to sugest?
--
Emmanuel Dreyfus
On Sun, Nov 18, 2012 at 06:16:00PM +, David Holland wrote:
This appears to contradict either the description of O_EXEC in the
standard, or the standard's rationale for adding fexecve(). The
standard says O_EXEC causes the file to be open for execution only.
In other
On Sun, Nov 18, 2012 at 07:42:43PM +0100, Emmanuel Dreyfus wrote:
The standard is clearly wrong on a number of points and doesn't match
the historical design and behavior of Unix. Let's either implement
something correct, or not implement it at all.
Do you have something correct to
On Sun, 18 Nov 2012 18:16:00 +
David Holland dholland-t...@netbsd.org wrote:
On Sat, Nov 17, 2012 at 06:42:50PM -0500, Thor Lancelot Simon wrote:
Further, requiring O_EXEC would seem to directly contravene the
standard's language about fexecve()'s behavior.
The standard is
On Sun, Nov 18, 2012 at 06:51:51PM +, David Holland wrote:
This appears to contradict either the description of O_EXEC in the
standard, or the standard's rationale for adding fexecve(). The
standard says O_EXEC causes the file to be open for execution only.
In
On Nov 17, 2012, at 2:48 AM, Emmanuel Dreyfus wrote:
Here is an attempt to address what was said about implementing fexecve()
fexecve() checks that the vnode underlying the fd :
- is of type VREG
- grants execution right
O_EXEC cause open()/openat() to fail if the file mode does not
On Sat, Nov 17, 2012 at 11:48:20AM +0100, Emmanuel Dreyfus wrote:
Here is an attempt to address what was said about implementing fexecve()
fexecve() checks that the vnode underlying the fd :
- is of type VREG
- grants execution right
O_EXEC cause open()/openat() to fail if the file mode
Thor Lancelot Simon t...@panix.com wrote:
This appears to contradict either the description of O_EXEC in the
standard, or the standard's rationale for adding fexecve(). The
standard says O_EXEC causes the file to be open for execution only.
The definition is really vague. As I understand,
20 matches
Mail list logo