> On 20/10/2013 18:05, Theo de Raadt wrote:
> >> On 20/10/2013 16:53, Theo de Raadt wrote:
> >>>> when the kernel loads an ELF binary, it will also load its interpreter.
> >>>> The kernel checks the rights of the interpreter, that way:
> >>>>
> >>>> if ((error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) != 0)
> >>>>         goto bad1;
> >>>>
> >>>> It should check with VEXEC instead of VREAD. Interpreters get executed,
> >>>> so they have to be executable; a read-only interpreter shouldn't be
> >>>> loaded by the kernel.
> >>>
> >>> I am not sure I agree on this.
> >>>
> >>
> >> Why?
> >
> > VEXEC is used in other cases to insist on a filesystem permission, for
> > instance, when supplying a path for execve().
> >
> > The interpreter is not a path supplied to execve.
> >
>
> Indeed, the interpreter is not passed to execve. That's why I used
> 'get executed'
> instead of
> 'are executed'
> though the difference might not be clear.
>
> The kernel loads the interpreter, and the code of that interpreter
> gets executed. So, actually, it plays as an executable. And as long
> as code gets executed from it, it should have +x rights.
>
> Shouldn't it?

Absolutely not, because then someone can try to run execve on it. You are not thinking clearly.
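
The trade-off argued in this thread, as an added example that is not part of the original messages and is not OpenBSD code: a simplified owner/group/other permission model that compares a VREAD and a VEXEC check on the interpreter with the VEXEC check applied to an execve() path. The functions `model_access`, `interp_load_allowed` and `direct_execve_allowed`, the `file_model` struct, and the modes and uid used are assumptions made for illustration.

```c
#include <stdio.h>
#include <sys/types.h>

/* Constructed model: request bits use the owner-class positions of a mode. */
#define VREAD 00400
#define VEXEC 00100

struct file_model { uid_t uid; gid_t gid; mode_t mode; };

/* Simplified owner/group/other check: 0 if allowed, -1 if denied.
 * Assumption: ignores superuser, ACLs, mount flags, supplementary groups. */
static int model_access(const struct file_model *f, mode_t want,
                        uid_t uid, gid_t gid)
{
    mode_t granted;

    if (uid == f->uid)
        granted = f->mode & 0700;
    else if (gid == f->gid)
        granted = (f->mode & 0070) << 3;   /* shift group bits to owner slot */
    else
        granted = (f->mode & 0007) << 6;   /* shift other bits to owner slot */
    return (granted & want) == want ? 0 : -1;
}

/* The loader's check on the interpreter, under the policy being compared. */
int interp_load_allowed(const struct file_model *f, mode_t policy,
                        uid_t uid, gid_t gid)
{
    return model_access(f, policy, uid, gid) == 0;
}

/* Permission part of execve() on a path: VEXEC, as stated in the thread. */
int direct_execve_allowed(const struct file_model *f, uid_t uid, gid_t gid)
{
    return model_access(f, VEXEC, uid, gid) == 0;
}

int main(void)
{
    struct file_model ro = { 0, 0, 0444 };  /* constructed: read-only interpreter */
    struct file_model rx = { 0, 0, 0555 };  /* constructed: same file made +x */
    const struct file_model *f[2] = { &ro, &rx };

    for (int i = 0; i < 2; i++)             /* constructed unprivileged uid/gid 1000 */
        printf("mode %04o: load(VREAD)=%d load(VEXEC)=%d execve=%d\n",
               (unsigned)f[i]->mode, interp_load_allowed(f[i], VREAD, 1000, 1000),
               interp_load_allowed(f[i], VEXEC, 1000, 1000),
               direct_execve_allowed(f[i], 1000, 1000));
    return 0;
}
```

In this model a 0444 interpreter loads under the VREAD policy while a direct execve() on it is denied; under a VEXEC policy it loads only once it is made +x, at which point the execve() permission check on it passes as well.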