Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <alpine.LNX.2.20.13.2101242140070.31613@monopod.intra.ispras.ru>
Date: Sun, 24 Jan 2021 21:48:11 +0300 (MSK)
From: Alexander Monakov <amonakov@...ras.ru>
To: musl@...ts.openwall.com
cc: Andrew Rogers <andrew.rogerstech@...il.com>
Subject: Re: Potential DL_NOMMU_SUPPORT bug.

> > sdcard [pseudo-]partition is usually mounted noexec, so mmap with PROT_EXEC
> > should fail.
> 
> Uhg, that makes no sense. Does it enforce that even for MAP_PRIVATE,
> which should semantically be equivalent to just making anon memory
> with the requested permissions and copying the file contents into it??

I think it makes sense: isn't the entire point of 'noexec' that a user
who has write access only to noexec filesystems will not be able to run
arbitrary binary code (assuming the already-present binaries are not
cooperative, unlike musl ld.so with the above patch would be)? Enforcing
noexec for MAP_PRIVATE ensures the users can not trivially side-step
noexec by invoking ld.so (without extra checks on ld.so side).

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.