Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 13 Dec 2018 06:22:00 +0100
From: Florian Weimer <>
To: Matthew Wilcox <>
Cc: Mickaël Salaün <>,,  Al Viro <>,  James
 Morris <>,  Jonathan Corbet <>,  Kees Cook
 <>,  Matthew Garrett <>,  Michael
 Kerrisk <>,  Mickaël Salaün
 <>,  Mimi Zohar <>,  Philippe
 Trébuchet <>,  Shuah Khan
 <>,  Thibaut Sautereau <>,
  Vincent Strubel <>,  Yves-Alexis Perez
Subject: Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC

* Matthew Wilcox:

> On Wed, Dec 12, 2018 at 09:17:07AM +0100, Mickaël Salaün wrote:
>> The goal of this patch series is to control script interpretation.  A
>> new O_MAYEXEC flag used by sys_open() is added to enable userland script
>> interpreter to delegate to the kernel (and thus the system security
>> policy) the permission to interpret scripts or other files containing
>> what can be seen as commands.
> I don't have a problem with the concept, but we're running low on O_ bits.
> Does this have to be done before the process gets a file descriptor,
> or could we have a new syscall?  Since we're going to be changing the
> interpreters anyway, it doesn't seem like too much of an imposition to
> ask them to use:
> 	int verify_for_exec(int fd)
> instead of adding an O_MAYEXEC.

Will this work for auditing?

Maybe add an interface which explicitly upgrades O_PATH descriptors, and
give that a separate flag argument?  I suppose that would be more
friendly to auditing.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.