Colin Watson wrote: > On Tue, May 20, 2003 at 05:15:22PM +0100, Matthew Garrett wrote: > > Martin Pitt wrote: > > >Is there any particular reason to have /lib/ld-linux.so.* exxecutable? > > >If it is used only as a proper library, it need not be executable. > > > > [EMAIL PROTECTED]:~/priv$ sudo chmod a-x /lib/ld-linux.so.2 > > Password: > > [EMAIL PROTECTED]:~/priv$ ls > > bash: /bin/ls: Permission denied > > [EMAIL PROTECTED]:~/priv$ sudo chmod a+x /lib/ld-linux.so.2 > > bash: /usr/bin/sudo: Permission denied > > > > Irritated now. > > Indeed; /lib/ld-linux.so.2 is in the PT_INTERP field of the ELF header. > load_elf_binary() in fs/binfmt_elf.c uses open_exec() to open it, which > (fs/exec.c) contains this code: > > int err = permission(inode, MAY_EXEC); > if (!err && !(inode->i_mode & 0111)) > err = -EACCES;
That behavior always struck me as fairly evil -- it's never fun when one single bit flip can take down a system, and I'd like to see the number of bits that can do so be as small as possible. Now that you point out the actual code I wish we could do away with that check. Does it really buy anything for elf executables? -- see shy jo
pgpy7kfJItr1N.pgp
Description: PGP signature
