Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC

From: Florian Weimer <hidden>
Date: 2018-12-12 20:13:26
Also in: linux-fsdevel, linux-security-module, lkml

Possibly related (same subject, not in this thread)

2018-12-13 · Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC · Matthew Wilcox <willy@infradead.org>
2018-12-13 · Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC · Mickaël Salaün <hidden>
2018-12-13 · Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC · Matthew Wilcox <willy@infradead.org>
2018-12-13 · Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC · Mickaël Salaün <hidden>
2018-12-13 · Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC · Mickaël Salaün <hidden>

* James Morris:

If you're depending on the script interpreter to flag that the user may 
execute code, this seems to be equivalent in security terms to depending 
on the user.  e.g. what if the user uses ptrace and clears O_MAYEXEC?

The argument I've heard is this: Using ptrace (and adding the +x
attribute) are auditable events.

Florian

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help