Marcus Meissner meissner@suse.de writes:
Hi,
regression from my previous patch, which forced EXEC permissions on some mappings, which in turn gets EPERM when the filesystem is "noexec" mounted.
I don't think that's a good idea. If the filesystem is no exec we should report it and fail.
On Fri, Dec 10, 2010 at 02:01:18PM +0100, Alexandre Julliard wrote:
Marcus Meissner meissner@suse.de writes:
Hi,
regression from my previous patch, which forced EXEC permissions on some mappings, which in turn gets EPERM when the filesystem is "noexec" mounted.
I don't think that's a good idea. If the filesystem is no exec we should report it and fail.
The issue is that it worked before my last patch and still works.
Or should we take care of not executing stuff from "noexec" filesystems as kind of policy rule?
Ciao, Marcus
Marcus Meissner meissner@suse.de writes:
The issue is that it worked before my last patch and still works.
Or should we take care of not executing stuff from "noexec" filesystems as kind of policy rule?
Yes. On systems that enforce this correctly, if you ignore the error at that point you'll then get a mysterious crash when the app actually tries to execute code.
On Fri, Dec 10, 2010 at 03:08:26PM +0100, Alexandre Julliard wrote:
Marcus Meissner meissner@suse.de writes:
The issue is that it worked before my last patch and still works.
Or should we take care of not executing stuff from "noexec" filesystems as kind of policy rule?
Yes. On systems that enforce this correctly, if you ignore the error at that point you'll then get a mysterious crash when the app actually tries to execute code.
I guess my x86_64 system does ...
At least map_file will copy the stuff into a new anon mapping and so make it work. quake2 at least runs fully from a "noexec" mounted USB stick.
Anyway, what kind of warning would you suggest? A FIXME?
Ciao, Marcus
Marcus Meissner meissner@suse.de writes:
At least map_file will copy the stuff into a new anon mapping and so make it work. quake2 at least runs fully from a "noexec" mounted USB stick.
That should be considered a bug. If you mount it noexec it's because you don't trust the code that it may contain...
Anyway, what kind of warning would you suggest? A FIXME?
No it's not a FIXME, there's nothing to fix. Just an ERR, we already have one for this.
On 12/10/2010 06:44 AM, Alexandre Julliard wrote:
Marcus Meissner meissner@suse.de writes:
At least map_file will copy the stuff into a new anon mapping and so make it work. quake2 at least runs fully from a "noexec" mounted USB stick.
That should be considered a bug. If you mount it noexec it's because you don't trust the code that it may contain...
Should we consider doing this for individual binary files as well? Stock (non-PPA) Ubuntu already forces this through a front-end script, but I shudder to think how many existing setups we might break with the change since apps are not executable by default (unless installed by Wine, thankfully).
Thanks, Scott Ritchie
On Fri, Dec 10, 2010 at 02:05:08PM -0800, Scott Ritchie wrote:
On 12/10/2010 06:44 AM, Alexandre Julliard wrote:
Marcus Meissner meissner@suse.de writes:
At least map_file will copy the stuff into a new anon mapping and so make it work. quake2 at least runs fully from a "noexec" mounted USB stick.
That should be considered a bug. If you mount it noexec it's because you don't trust the code that it may contain...
Should we consider doing this for individual binary files as well? Stock (non-PPA) Ubuntu already forces this through a front-end script, but I shudder to think how many existing setups we might break with the change since apps are not executable by default (unless installed by Wine, thankfully).
I don't think we should.
"Download this file, chmod u+x setup.exe ; wine setup.exe" ... Does not really fly.
A wrapper like above could ask for the permission I guess.
CIao, Marcus
-
Alexandre Julliard -
Marcus Meissner -
Marcus Meissner -
Scott Ritchie