Le 20/10/2013 16:53, Theo de Raadt a écrit :
when the kernel loads an ELF binary, it will also load its interpreter. The kernel checks the rights of the interpreter, that way:if ((error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) != 0) goto bad1; It should check with VEXEC instead of VREAD. Interpreters get executed, so they have to be executable; a read-only interpreter shouldn't be loaded by the kernel.I am not sure I agree on this.
Why?
