On Sun, Nov 18, 2012 at 06:16:00PM +0000, David Holland wrote:
> > This appears to contradict either the description of O_EXEC in the
> > standard, or the standard's rationale for adding fexecve(). The
> > standard says O_EXEC causes the file to be open for execution "only".
> >
> > In other words, O_EXEC means you can't read nor write the file. Now
> > the rationale for fexecve() doesn't hold, since you cannot read from
> > the fd, then exec from it without a reopen.
> >
> > Further, requiring O_EXEC would seem to directly contravene the
> > standard's language about fexecve()'s behavior.
>
> The standard is clearly wrong on a number of points and doesn't match
> the historical design and behavior of Unix. Let's either implement
> something correct, or not implement it at all.

Also it seems that the specification of O_SEARCH (and I think the
implementation we just got, too) is flawed in the same way - it is
performing access checks at use time instead of at open time. (Also
the implementation we just got seems to be missing any access check at
open time -- this seems entirely wrong.)

-- 
David A. Holland
dholl...@netbsd.org