Author: pjd
Date: Thu Sep 27 16:43:23 2012
New Revision: 241000
URL: http://svn.freebsd.org/changeset/base/241000

Log:
  Revert r240931, as the previous comment was actually in sync with POSIX.
  
  I have to note that POSIX is simply stupid in how it describes O_EXEC/fexecve
  and friends. Yes, not only inconsistent, but stupid.
  
  In the open(2) description, O_RDONLY flag is described as:
  
        O_RDONLY        Open for reading only.
  
  Taken from:
  
        http://pubs.opengroup.org/onlinepubs/9699919799/functions/open.html
  
  Note "for reading only". Not "for reading or executing"!
  
  In the fexecve(2) description you can find:
  
        The fexecve() function shall fail if:
  
        [EBADF]
                The fd argument is not a valid file descriptor open for executing.
  
  Taken from:
  
        http://pubs.opengroup.org/onlinepubs/9699919799/functions/exec.html
  
  As you can see the function shall fail if the file was not open with O_EXEC!
  
  And yet, if you look closer you can find this mess in the exec.html:
  
        Since execute permission is checked by fexecve(), the file description
        fd need not have been opened with the O_EXEC flag.
  
  Yes, O_EXEC flag doesn't have to be specified after all. You can open a file
  with O_RDONLY and you will still be able to fexecve(2) it.

Modified:
  head/sys/kern/kern_exec.c

Modified: head/sys/kern/kern_exec.c
==============================================================================
--- head/sys/kern/kern_exec.c   Thu Sep 27 15:45:24 2012        (r240999)
+++ head/sys/kern/kern_exec.c   Thu Sep 27 16:43:23 2012        (r241000)
@@ -441,10 +441,10 @@ interpret:
        } else {
                AUDIT_ARG_FD(args->fd);
                /*
-                * Some might argue that CAP_MMAP should also be required here;
-                * such arguments will be entertained.
+                * Some might argue that CAP_READ and/or CAP_MMAP should also
+                * be required here; such arguments will be entertained.
                 *
-                * Descriptors opened only with O_EXEC are allowed.
+                * Descriptors opened only with O_EXEC or O_RDONLY are allowed.
                 */
                error = fgetvp_exec(td, args->fd, CAP_FEXECVE, &binvp);
                if (error)
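
Review bot: the comment above the fgetvp_exec() call now states that O_RDONLY descriptors are allowed but gives no reason, and this same sentence was already changed in r240931 and is being reverted here. Consider adding a short pointer to the POSIX exec rationale quoted in the log ("the file description fd need not have been opened with the O_EXEC flag") so a later reader does not tighten the comment again. The open-mode check itself is not in this hunk; only CAP_FEXECVE is visible as the required right, so it would help if the comment said that the O_EXEC/O_RDONLY acceptance is enforced inside fgetvp_exec().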