Which prevents a user with rights doing so deliberately.
> 2) It allows user space access to the security policy information
> regarding executables. Allowing ld-linux.so to refust to
> execute binaries, and shared libaries on a filesystem mounted
> noexec.
Which is mostly useless anyway since anyone can write an ld-linux that
doesn't check providing the binary is readable. noexec is basically a weird
ancient unixism that is usless.
> My biggest unresolved issue is which numbers to choose for O_EXEC on
> every platform. As the DENYWRITE code is cleaner in open than in mmap.
And the fact that open has side effects.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/