Bart Smaalders wrote:
> John Zolnowsky x69422/408-404-5064 wrote:
> > The general nature of mmapfd() mapping represents a possible solution
> > to a concern being discussed in 2008/195. The issue is that
> > interpreters other than rtld often have the equivalent of libraries,
> > for example, perl's .pm and .pl or the shell "source" or "." commands.
> > These extended forms of library are presently introduced into the
> > process "execution" using general interfaces (open(), read()),
> > precluding any reliable triggering for validation of the object. As
> > much as mmapfd() provides a generalized mechanism for accessing these
> > forms of libraries, it would serve as an enabler for validated
> > execution.
>
> cat /etc/file | sh ???

Or worse: "eval" ...
... another issue is that shells like "ksh" support function libraries
(via FPATH) which are loaded on demand... how should this be handled?

> It seems to be that validated execution is somewhat missing the point
> by focusing on "execution".
>
> I'll take my comments to 2008/195 when I get a chance..

/me, too...

----

Bye,
Roland

--
  __ .  . __
 (o.\ \/ /.o) roland.mainz at nrubsig.org
  \__\/\/__/  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
  /O /==\ O\  TEL +49 641 7950090
 (;O/ \/ \O;)