Hi, PCRE2 has an optional executable allocator, which allocates temporary files on the disk, where it stores machine executable code. The tmp directory can be (optionally) set using the TMPDIR environment variable. The temporary file is created by open(... O_TMPFILE ...) or mkostemp(). There are great Linux experts here, and I would like to know whether this can be exploited in some way. For example, setting TMPDIR to a network file sytem, or a file system which does not support user permissions (e.g. mounting a windows file system), and modify the executable code. Or mkostemp rejects these paths? Would it be better to drop this feature, and set the tmp directory path at compile time?
Now there is a new code path which uses memfd_create, but this requires a very recent kernel. Thank you, Zoltan -- ## List details at https://lists.exim.org/mailman/listinfo/pcre-dev
