This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [musl] Re: [RFC] Possible new execveat(2) Linux syscall

From: Christoph Hellwig <hch at infradead dot org>
To: Rich Felker <dalias at aerifal dot cx>
Cc: David Drysdale <drysdale at google dot com>, Andy Lutomirski <luto at amacapital dot net>, libc-alpha <libc-alpha at sourceware dot org>, musl at lists dot openwall dot com, Andrew Morton <akpm at linux-foundation dot org>, Linux API <linux-api at vger dot kernel dot org>, Christoph Hellwig <hch at infradead dot org>
Date: Fri, 21 Nov 2014 02:10:15 -0800
Subject: Re: [musl] Re: [RFC] Possible new execveat(2) Linux syscall
Authentication-results: sourceware.org; auth=none
References: <CAHse=S8ccC2No5EYS0Pex=Ng3oXjfDB9woOBmMY_k+EgxtODZA at mail dot gmail dot com> <20141116195246 dot GX22465 at brightrain dot aerifal dot cx> <CALCETrWWUyizL8HxZKaYE+xuV5eGi8mQcequT9HPvvac=X-dLg at mail dot gmail dot com> <20141116220859 dot GY22465 at brightrain dot aerifal dot cx> <CALCETrVtN73rTxGXV9Xt+sPOitAWCcyrfUWY_3_tAmd+n6V1gA at mail dot gmail dot com> <20141116233202 dot GA22465 at brightrain dot aerifal dot cx> <CAHse=S8uceX-buoeFoA_Qthsr0TZ-nX7_x_098qqwr5pa_2r-w at mail dot gmail dot com> <20141117183010 dot GE22465 at brightrain dot aerifal dot cx>

On Mon, Nov 17, 2014 at 01:30:10PM -0500, Rich Felker wrote:
> On Mon, Nov 17, 2014 at 03:42:15PM +0000, David Drysdale wrote:
> > I'm not familiar with O_EXEC either, I'm afraid, so to be clear -- does
> > O_EXEC mean the permission check is explicitly skipped later, at execute
> > time?  In other words, if you open(O_EXEC) an executable then remove the
> > execute bit from the file, does a subsequent fexecve() still work?
> 
> Yes. It's just like how read and write permissions work. If you open a
> file for read then remove read permissions, or open it for write then
> remove write permissions, the existing permissions to the open file
> are not lost. Of course open with O_EXEC/O_SEARCH needs to fail if the
> caller does not have +x access to the file/directory at the time of
> open.

Adding a FMODE_EXEC similar to FMODE_READ/WRITE would be trivial.

References:
- [RFC] Possible new execveat(2) Linux syscall
  - From: David Drysdale
- Re: [RFC] Possible new execveat(2) Linux syscall
  - From: Rich Felker
- Re: [RFC] Possible new execveat(2) Linux syscall
  - From: Andy Lutomirski
- Re: [RFC] Possible new execveat(2) Linux syscall
  - From: Rich Felker
- Re: [RFC] Possible new execveat(2) Linux syscall
  - From: Andy Lutomirski
- Re: [musl] Re: [RFC] Possible new execveat(2) Linux syscall
  - From: Rich Felker
- Re: [musl] Re: [RFC] Possible new execveat(2) Linux syscall
  - From: David Drysdale
- Re: [musl] Re: [RFC] Possible new execveat(2) Linux syscall
  - From: Rich Felker

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]