|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: mmap(), security and /dev/zero
From: Daniel Carosone (dan
geek.com.au)
Date: Wed Jun 23 2004 - 19:57:36 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Jun 24, 2004 at 09:51:46AM +0900, Curt Sampson wrote:
>
> Doesn't the noexec flag allow you to do this already?
>
No, it needs this change to work. Otherwise, potentially, a program
executed from a r/o filesystem might be somehow tricked into loading
shlibs from a writable path.
If the shlib needed x bits in order to be executed, and the filesystem
it was on was noexec, then the potential hole is closed.
Count me amongst the group that like this change, btw.
--
Dan.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)
iD8DBQFA2icAEAVxvV4N66cRAsr3AKDUahNhNHqYF7qdZvXhfmAvfjKWXACg4a4k
LS1v45PtAFKI69yPL65tlkY=
=bw8s
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]