Re: [PATCH]: non-readable binaries - binfmt_misc 2.6.0-test4

From: Willy Tarreau
Date: Sun Aug 31 2003 - 23:29:51 EST

Next message: Jamie Lokier: "Re: x86, ARM, PARISC, PPC, MIPS and Sparc folks please run this"
Previous message: Albert Cahalan: "bitkeeper comments"
In reply to: Alan Cox: "Re: [PATCH]: non-readable binaries - binfmt_misc 2.6.0-test4"
Next in thread: Linus Torvalds: "Re: [PATCH]: non-readable binaries - binfmt_misc 2.6.0-test4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Aug 31, 2003 at 11:58:40PM +0100, Alan Cox wrote:

> #3 The instant you pass control to the user space loader I can steal the
> handle via /proc
>
> #4 The instant you pass control to the user space loader I can take it
> over via ptrace
>
> #5 After you pass control I can core dump the app and recover the data
> using a signal
>
> 3, 4 and 5 require you make the userspace loader undumpable in the case
> where the fd being passed on is executable only. If you do this then it
> certainly fixes 4 (permission denied) and 5 (no dump) and I think it
> fixes #3

I confirm that it fixes #3 since I had a problem with /dev/fd/N not working
in my scripts, until I realized that it was because an exec only bash would
render /proc/self/fd/ unreadable.

Willy

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jamie Lokier: "Re: x86, ARM, PARISC, PPC, MIPS and Sparc folks please run this"
Previous message: Albert Cahalan: "bitkeeper comments"
In reply to: Alan Cox: "Re: [PATCH]: non-readable binaries - binfmt_misc 2.6.0-test4"
Next in thread: Linus Torvalds: "Re: [PATCH]: non-readable binaries - binfmt_misc 2.6.0-test4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]