On Sun, 18 Nov 2012 14:31:29 -0500 Thor Lancelot Simon <[email protected]> wrote:
> On Sun, Nov 18, 2012 at 07:27:27PM +0000, Julian Yon wrote:
> > On Sat, 17 Nov 2012 21:45:02 +0000
> > David Laight <[email protected]> wrote:
> >
> > > You don't need the executable image inside the chroot.
> >
> > I don't believe that's intended to be possible, and if it is, I'm
> > not sure it's a gain.
>
> I actually think it might be, if it didn't run the risk of blowing up
> code that wasn't written to expect it.

As I've clearly missed it, which text in the spec suggests that? I
don't see chroot mentioned anywhere.

> If we're going to commit this syscall at all, I think it should be
> accompanied by a new socket option for unix domain sockets, which
> defaults to "off", but if explicitly set to "on", allows file
> descriptors passed across the socket to be used for exec.

Or just flag all descriptors passed over sockets as non-executable,
i.e. implement the call but prevent that particular pattern.

Julian

--
3072D/F3A66B3A Julian Yon (2012 General Use) <[email protected]>
