From: Linus Torvalds > Sent: 14 August 2021 01:55 > > On Fri, Aug 13, 2021 at 2:49 PM Andy Lutomirski <luto@xxxxxxxxxx> wrote: > > > > I’ll bite. How about we attack this in the opposite direction: remove the deny write mechanism > entirely. > > I think that would be ok, except I can see somebody relying on it. > > It's broken, it's stupid, but we've done that ETXTBUSY for a _loong_ time. I think ETXTBUSY predates Linux itself. But I can't remember whether the elf versions of sunos or svr4 implemented it for shared libraries. I don't remember hitting it, so they may not have. I'm actually surprised it ia an mmap() flag rather than an open() one. Being able to open a file and guarantee it can't be changed seems a sane idea. And not just for programs/libraries. By the sound of it 'immutable' is no use. You need to be able to unlink the file - otherwise you get into the window's fiasco of not being able to update without 17 reboots. FWIW MAP_COPY would only need to take one copy of the page - all the users could share the same page (backed by a single page of swap). Not that I'm suggesting it is a good idea at all. I do wonder about /proc/self/exe though. It gave the NetBSD Linux emulation a terrible problem. Being able to open the inode of the program is fine. The problem is the what readlink() returns - it is basically stale. If a program open the link contents it could get anything at all. David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
