On 10/20/13 21:54, Theo de Raadt wrote:
Indeed, the interpreter is not passed to execve. That's why I used
'get executed'
instead of
'are executed'
though the difference might not be clear.
The kernel loads the interpreter, and the code of that interpreter
gets executed. So,
I don't get what's wrong with running execve on it. In all cases,
someone can load it through another executable.
Using ld.so does not imply execve'ing it.
If I have an interpreter that I chmod as exec-only, I want this
interpreter to be world-loadable without thereby letting other
users
On 21/10/2013 09:38, Theo de Raadt wrote:
I don't get what's wrong with running execve on it. In all cases,
someone can load it through another executable.
Using ld.so does not imply execve'ing it.
If I have an interpreter that I chmod as exec-only, I want this
interpreter to be
when the kernel loads an ELF binary, it will also load its interpreter.
The kernel checks the rights of the interpreter, that way:
if ((error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) != 0)
goto bad1;
It should check with VEXEC instead of VREAD. Interpreters get executed,
On 20/10/2013 16:53, Theo de Raadt wrote:
when the kernel loads an ELF binary, it will also load its interpreter.
The kernel checks the rights of the interpreter, that way:
if ((error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) != 0)
goto bad1;
It should check with VEXEC
On 20/10/2013 16:53, Theo de Raadt wrote:
when the kernel loads an ELF binary, it will also load its interpreter.
The kernel checks the rights of the interpreter, that way:
if ((error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) != 0)
goto bad1;
It should check with VEXEC
On Sun, Oct 20, 2013 at 18:00, Maxime Villard wrote:
It should check with VEXEC instead of VREAD. Interpreters get executed,
so they have to be executable; a read-only interpreter shouldn't be
loaded by the kernel.
I am not sure I agree on this.
Why?
How is loading the interpreter
On 20/10/2013 18:05, Theo de Raadt wrote:
On 20/10/2013 16:53, Theo de Raadt wrote:
when the kernel loads an ELF binary, it will also load its interpreter.
The kernel checks the rights of the interpreter, that way:
if ((error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) != 0)
It should check with VEXEC instead of VREAD. Interpreters get executed,
so they have to be executable; a read-only interpreter shouldn't be
loaded by the kernel.
I am not sure I agree on this.
Why?
How is loading the interpreter different than loading a shared
library?
On 20/10/2013 18:05, Theo de Raadt wrote:
On 20/10/2013 16:53, Theo de Raadt wrote:
when the kernel loads an ELF binary, it will also load its interpreter.
The kernel checks the rights of the interpreter, that way:
if ((error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) != 0)