Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

David S. Miller (davem@dm.cobaltmicro.com)
Tue, 4 Aug 1998 13:07:00 -0700


   Date: Tue, 4 Aug 1998 15:51:50 -0400
   From: "Theodore Y. Ts'o" <tytso@MIT.EDU>

   This is not a technical argument, then, but a social one. This
   doesn't mean that we shouldn't put the stack hack into mainline at
   some point. It just means we have to be careful how we market it,
   and make sure developers still worry about stack overruns.

Also true.

But I have yet another technical argument. It BREAKS the existing ELF
ABIs of all systems I know of.

I have the 32-bit Sparc and 32-bit MIPS ELF specifications here for
reference and both specify:

"The stack segment has READ, WRITE, and EXECUTE permissions."

I don't have it handy, but I would not be surprised if the x86 ELF
specs say the same thing. Someone can easily check this.

Dean Gaudet made a reference to Solaris2.7 and the fact that they've
turned off execute permission for the stack on Sparc. This is for
64-bit Sparc binaries covered on the new 64-bit V9 processor ABI.
They did not turn off execution for the stack segment when existing
32-bit binaries run.

Later,
David S. Miller
davem@dm.cobaltmicro.com
