Re: [PATCH] prctl.2: note that PR_SET_MM_EXE_FILE may now be used as many times as desired

Hello Benjamin,

On 11/5/18 3:21 AM, Benjamin Peterson wrote:
> The original implementation of PR_SET_MM_EXE_FILE only allowed it to be used
> once in a process's lifetime. This restriction was lifted in Linux commit
> 3fb4afd9a504c2386b8435028d43283216bf588e ("prctl: remove one-shot limitation for
> changing exe link").
> ---
>  man2/prctl.2 | 9 ++++-----
>  1 file changed, 4 insertions(+), 5 deletions(-)
> 
> diff --git a/man2/prctl.2 b/man2/prctl.2
> index 071049d48..f5bab568e 100644
> --- a/man2/prctl.2
> +++ b/man2/prctl.2
> @@ -648,11 +648,10 @@ memory area for the ELF
>  .IR \.text
>  section).
>  .IP
> -The second limitation is that such transitions can be done only once
> -in a process life time.
> -Any further attempts will be rejected.
> -This should help system administrators monitor unusual
> -symbolic-link transitions over all processes running on a system.
> +.\" commit 3fb4afd9a504c2386b8435028d43283216bf588e
> +Before Linux 4.9, the
> +.BR PR_SET_MM_EXE_FILE
> +operation could only be performed once in a process's lifetime.
>  .PP
>  The following options are available since Linux 3.18.
>  .\" commit f606b77f1a9e362451aca8f81d8f36a3a112139e
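
Review bot: The version boundary in the added sentence ("Before Linux 4.9, the ... operation could only be performed once") needs checking against the release that actually contains commit 3fb4afd9a504c2386b8435028d43283216bf588e. As worded it says 4.9 itself already permits repeated calls, while the reworked text later in this reply says the restriction still applied in 4.9 and was removed in 4.10. Suggest "In Linux 4.9 and earlier", and state what a second attempt returned on those kernels (the reply gives EPERM), since the hunk deletes "Any further attempts will be rejected." together with the monitoring rationale and replaces neither.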

Thanks for the patch. Applied.

I subsequently reworked the text and added some details about 
historical behavior and rationale for the change:


                 In  Linux  4.9  and  earlier, the PR_SET_MM_EXE_FILE
                 operation can be performed only once in a  process's
                 lifetime; attempting to perform the operation a sec‐
                 ond time results in the error EPERM.  This  restric‐
                 tion  was  enforced  for  security reasons that were
                 subsequently deemed specious,  and  the  restriction
                 was  removed  in  Linux 4.10 because some user-space
                 applications needed to perform this  operation  more
                 than once.

Thanks,

Michael

-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/


