Re: [dev] why avoid install?

From: <random832_AT_fastmail.us>
Date: Thu, 20 Nov 2014 17:54:09 -0500

On Thu, Nov 20, 2014, at 14:40, Markus Wichmann wrote:
> Not always. One thing that reliably gets on people's nerves here is
> shared libraries. And those aren't protected with that ETXTBSY thing.
>
> The reason is that the MAP_DENYWRITE flag became the irrecoverable
> source of a DoS attack and had to be removed from the syscall. It can
> still be used in the kernel, which is why overwriting a running binary
> will fail, but it can't be used in userspace (or rather, is ignored),

Why not give ld-linux.so a capability that allows it? Wait, no, that
wouldn't solve it for dlopen().

Why not allow it for files that have execute permission? What are the
details of the DOS attack?
Received on Thu Nov 20 2014 - 23:54:09 CET

This archive was generated by hypermail 2.3.0 : Fri Nov 21 2014 - 00:00:20 CET