[systemd-devel] [PATCH] util: do not execute files without exec permission
Ronny Chevalier
chevalier.ronny at gmail.com
Mon Aug 18 12:18:43 PDT 2014
2014-08-18 21:10 GMT+02:00 Lennart Poettering <lennart at poettering.net>:
> On Mon, 18.08.14 20:47, Ronny Chevalier (chevalier.ronny at gmail.com) wrote:
>
>>
>> 2014-08-18 15:51 GMT+02:00 Lennart Poettering <lennart at poettering.net>:
>> > On Sat, 16.08.14 14:24, Ronny Chevalier (chevalier.ronny at gmail.com) wrote:
>> >
>> > What's the rationale here? I think it makes a lot of sense to output an
>> > error if people drop non-executable files in such a directory...
>> >
>> Yeah, it makes sense. But it is useless to fork & exec() when we know
>> it will fail, so maybe leave the check and add a warning?
>
> Dunno. Is this a real problem? I mean, failing after the fork()
> shouldn't be much of a real-life problem, since it realistically never
> really happens.
>
> In general I always try to be careful with these cases that might be
> vulnerable TOCTTOU issues. Not that this was really an issue in this
> case, but I'd prefer if the kernel's exec() syscall would figure out
> that something isn't executable, rather than us, since we cannot do it
> atomically, and somebody could toggle the x bit of a file right after we
> ran access() on it, but before the exec()... Hence, I'd prefer to avoid
> any explicit access() check, unless we really know that this is a common
> issue.
>
> Hope that makes sense,
Yeah, it totally makes sense.
>
> Lennart
>
> --
> Lennart Poettering, Red Hat
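The approach Lennart describes above, as an added example that is not code from the patch or from systemd: no access(X_OK) pre-check, the kernel's exec() decides, and the parent still gets a precise errno to warn about by reading it back over a close-on-exec pipe. Assumes Linux/glibc with a POSIX fork/exec environment; the function and file names are this example's own.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>
/* Fork and exec `path`, then wait. Returns the child's exit status (>= 0),
 * or -errno when exec() itself failed (e.g. -EACCES for a file with no x
 * bit). No access(path, X_OK) pre-check: the kernel decides at exec()
 * time, so a chmod racing with us cannot turn a stale answer into a surprise. */
int spawn_and_wait(const char *path) {
    int err_pipe[2], exec_errno = 0, status;
    /* CLOEXEC pipe: carries errno back only if exec() fails, else parent reads EOF. */
    if (pipe(err_pipe) < 0 || fcntl(err_pipe[1], F_SETFD, FD_CLOEXEC) < 0)
        return -errno;
    pid_t pid = fork();
    if (pid < 0) {
        int e = errno;
        close(err_pipe[0]);
        close(err_pipe[1]);
        return -e;
    }
    if (pid == 0) {                             /* child */
        close(err_pipe[0]);
        execl(path, path, (char *) NULL);
        exec_errno = errno;                     /* only reached on exec() failure */
        (void) !write(err_pipe[1], &exec_errno, sizeof exec_errno);
        _exit(127);
    }
    close(err_pipe[1]);                         /* parent */
    ssize_t n = read(err_pipe[0], &exec_errno, sizeof exec_errno);
    close(err_pipe[0]);
    if (waitpid(pid, &status, 0) < 0)
        return -errno;
    if (n == (ssize_t) sizeof exec_errno)
        return -exec_errno;  /* exec() failed; caller can log strerror(exec_errno) */
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(int argc, char **argv) {
    if (argc != 2) return 2;
    int rc = spawn_and_wait(argv[1]);
    if (rc < 0)
        fprintf(stderr, "%s: failed to execute: %s\n", argv[1], strerror(-rc));
    return rc < 0 ? 1 : rc;
}
```

The errno reported here reflects the file's mode at the instant exec() ran, which is what an access() call made earlier cannot guarantee.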