m...@netbsd.org (Emmanuel Dreyfus) writes:

>Alan Barrett <a...@netbsd.org> wrote:
>> The fexecve function could be implemented entirely in libc,
>> via execve(2) on a file name of the form "/proc/self/fd/<N>".
>> Any security concerns around fexecve() also apply to exec of
>> /proc/self/fd/<N>.

>I gave a try to this approach. There is an unexpected issue:
>for a reason I cannot figure, namei() does not resolve
>/proc/self/fd/<N>. Here is a ktrace:

>   810      1 t_fexecve CALL  open(0x8048db6,0,0)
>   810      1 t_fexecve NAMI  "/usr/bin/touch"
>   810      1 t_fexecve RET   open 3
>   810      1 t_fexecve CALL  getpid
>   810      1 t_fexecve RET   getpid 810/0x32a, 924/0x39c
>   810      1 t_fexecve CALL  execve(0xbfbfe66f,0xbfbfea98,0xbfbfeaa4)
>   810      1 t_fexecve NAMI  "/proc/self/fd/3"
>   810      1 t_fexecve RET   execve -1 errno 2 No such file or directory

The descriptor is probably already "closed on exec" before the syscall tries to use it.

--
Michael van Elst
Internet: mlel...@serpens.de
"A potential Snark may lurk in every tree."
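
Added example, not part of the original messages: a C sketch of the libc-only approach discussed in this thread that reports whether FD_CLOEXEC is set on the descriptor before calling execve(2) on "/proc/self/fd/<N>", so the close-on-exec state at call time is visible next to the ktrace. The function names are hypothetical, and it assumes procfs is mounted on /proc and provides self/fd entries.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Returns 1 if FD_CLOEXEC is set on fd, 0 if clear, -1 on error (errno set). */
int fd_is_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags == -1)
        return -1;
    return (flags & FD_CLOEXEC) ? 1 : 0;
}

/* Builds "/proc/self/fd/<N>" in buf; returns 0, or -1 with errno set. */
int fd_proc_path(int fd, char *buf, size_t len)
{
    int n;
    if (fd < 0) { errno = EBADF; return -1; }
    n = snprintf(buf, len, "/proc/self/fd/%d", fd);
    if (n < 0 || (size_t)n >= len) { errno = ENAMETOOLONG; return -1; }
    return 0;
}

/* Hypothetical emulation; like execve(2), it returns only on failure. */
int fexecve_via_procfs(int fd, char *const argv[], char *const envp[])
{
    char path[64];
    int cloexec = fd_is_cloexec(fd);    /* also rejects an invalid fd */
    if (cloexec == -1)
        return -1;
    fprintf(stderr, "fd %d: FD_CLOEXEC %s\n", fd, cloexec ? "set" : "clear");
    if (fd_proc_path(fd, path, sizeof(path)) == -1)
        return -1;
    return execve(path, argv, envp);
}

int main(void)
{
    /* Constructed arguments; the output path is an assumption. */
    char *const argv[] = { "touch", "/tmp/t_fexecve.out", NULL };
    char *const envp[] = { NULL };
    int fd = open("/usr/bin/touch", O_RDONLY);  /* flags 0, as in the trace */
    if (fd == -1) { perror("open"); return 1; }
    fexecve_via_procfs(fd, argv, envp);
    perror("execve");                   /* reached only if the exec failed */
    return 1;
}
```
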