Re: [PATCHv10 man-pages 5/5] execveat.2: initial man page for execveat(2)
From: Rich Felker <hidden>
Date: 2015-01-09 20:49:09
Also in:
linux-arch, lkml, sparclinux
On Fri, Jan 09, 2015 at 05:46:28PM +0000, David Drysdale wrote:
quoted
It's AT_EXECFN, /proc/self/exe, and filenames shown elsewhere in /proc that may be derived in odd ways. I would also move the text about O_CLOEXEC to a BUGS or NOTES section rather than the main description. The long-term intent should be that script execution this way should work. IIRC this was discussed earlier in the thread.I may be misremembering, but I thought we hoped to be able to fix execveat of a script without /proc in future, but didn't expect to fix execveat of a script via an O_CLOEXEC fd (because in the latter case the fd gets closed before the script interpreter runs, so even if the interpreter (or a special filesystem) does clever things for names starting with "/dev/fd/..." the file descriptor is already gone).
I think this is a case that needs to be fixed, though it's hard. The normal correct usage for fexecve is to always pass an O_CLOEXEC file descriptor, and the caller can't really be expected to know whether the file is a script or not. We discussed workarounds before and one idea I proposed was having fexecve provide a "one open only" magic symlink in /proc/self/ to pass to the interpreter. It would behave like an O_PATH file descriptor magic symlink in /proc/self/fd, but would automatically cease to exist on the first open (at which point the interpreter would have a real O_RDONLY file descriptor for the underlying file). Rich