Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Kees Cook <keescook@xxxxxxxxxxxx>
Subject: Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
From: Florian Weimer <fweimer@xxxxxxxxxx>
Date: Fri, 15 May 2020 10:43:34 +0200
Cc: Mickaël Salaün <mic@xxxxxxxxxxx>, Al Viro <viro@xxxxxxxxxxxxxxxxxx>, Aleksa Sarai <cyphar@xxxxxxxxxx>, Andy Lutomirski <luto@xxxxxxxxxx>, Mimi Zohar <zohar@xxxxxxxxxxxxx>, Stephen Smalley <stephen.smalley.work@xxxxxxxxx>, Christian Heimes <christian@xxxxxxxxxx>, Deven Bowers <deven.desai@xxxxxxxxxxxxxxxxxxx>, Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>, John Johansen <john.johansen@xxxxxxxxxxxxx>, Kentaro Takeda <takedakn@xxxxxxxxxxxxx>, "Lev R. Oshvang ." <levonshe@xxxxxxxxx>, Alexei Starovoitov <ast@xxxxxxxxxx>, Daniel Borkmann <daniel@xxxxxxxxxxxxx>, Eric Chiang <ericchiang@xxxxxxxxxx>, James Morris <jmorris@xxxxxxxxx>, Jan Kara <jack@xxxxxxx>, Jann Horn <jannh@xxxxxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Lakshmi Ramasubramanian <nramas@xxxxxxxxxxxxxxxxxxx>, Matthew Garrett <mjg59@xxxxxxxxxx>, Matthew Wilcox <willy@xxxxxxxxxxxxx>, Michael Kerrisk <mtk.manpages@xxxxxxxxx>, Mickaël Salaün <mickael.salaun@xxxxxxxxxxx>, Philippe Trébuchet <philippe.trebuchet@xxxxxxxxxxx>, Scott Shell <scottsh@xxxxxxxxxxxxx>, Sean Christopherson <sean.j.christopherson@xxxxxxxxx>, Shuah Khan <shuah@xxxxxxxxxx>, Steve Dower <steve.dower@xxxxxxxxxx>, Steve Grubb <sgrubb@xxxxxxxxxx>, Thibaut Sautereau <thibaut.sautereau@xxxxxxxxxxx>, Vincent Strubel <vincent.strubel@xxxxxxxxxxx>, linux-kernel <linux-kernel@xxxxxxxxxxxxxxx>, kernel-hardening@xxxxxxxxxxxxxxxxxx, linux-api@xxxxxxxxxxxxxxx, linux-integrity@xxxxxxxxxxxxxxx, LSM List <linux-security-module@xxxxxxxxxxxxxxx>, Linux FS Devel <linux-fsdevel@xxxxxxxxxxxxxxx>
In-reply-to: <202005142343.D580850@keescook> (Kees Cook's message of "Fri, 15 May 2020 01:01:32 -0700")
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)

* Kees Cook:

> Maybe I've missed some earlier discussion that ruled this out, but I
> couldn't find it: let's just add O_EXEC and be done with it. It actually
> makes the execve() path more like openat2() and is much cleaner after
> a little refactoring. Here are the results, though I haven't emailed it
> yet since I still want to do some more testing:
> https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/log/?h=kspp/o_exec/v1

I think POSIX specifies O_EXEC in such a way that it does not confer
read permissions.  This seems incompatible with what we are trying to
achieve here.

Thanks,
Florian

Follow-Ups:
- Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
  - From: Kees Cook

References:
- [PATCH v5 0/6] Add support for O_MAYEXEC
  - From: Mickaël Salaün
- [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Mickaël Salaün
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Stephen Smalley
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Kees Cook
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Kees Cook
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Stephen Smalley
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Kees Cook
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Stephen Smalley
- Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC
  - From: Mickaël Salaün
- How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
  - From: Kees Cook

Prev by Date: Re: [RFC PATCH v3 0/9] Suppress negative dentry
Next by Date: Re: [PATCH 1/4] hung_task: Move hung_task sysctl interface to hung_task_sysctl.c
Previous by thread: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Next by thread: Re: How about just O_EXEC? (was Re: [PATCH v5 3/6] fs: Enable to enforce noexec mounts or file exec through O_MAYEXEC)
Index(es):
- Date
- Thread

[Index of Archives] [Linux Ext4 Filesystem] [Union Filesystem] [Filesystem Testing] [Ceph Users] [Ecryptfs] [AutoFS] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux Cachefs] [Reiser Filesystem] [Linux RAID] [Samba] [Device Mapper] [CEPH Development]