Date: Sat, 12 Oct 1996 12:17:13 -0700
From: patl@asimov.volant.org
To: freebsd-security@freebsd.org
Subject: exec* ("/dev/fd/mumble", ...)
Message-ID: <9610121917.AA02624@asimov.volant.org>

What happens if you pass "/dev/fd/<mumble>" to execve(2) or any of the exec* functions that are front-ends to it? In particular, does it properly execute the binary on the open file; and if so, does the executed program inherit an open fd on itself, or does it get closed by execve?

If it does work, and it closes the file, it would allow chrooted execution of a binary without requiring the binary to be in the chroot file space.

If someone knowledgeable in this portion of the kernel can assure me that it should work, I'll add an option to chroot(8) and/or chrootuid(8) to specify that the command should be opened before the chroot(2) and passed as a /dev/fd reference. (Unless, of course, someone can explain why this would be a Bad Idea.)

-Pat

My opinions are my own. For a small royalty, they can be yours as well...

Pat Lashley, Senior Software Engineer, Henry Davis Consulting
patl@Phoenix.Volant.ORG || http://Phoenix.Volant.ORG/ || lashley@netcom.com
PGP Key Fingerprint: 2C 2A A9 8E 86 F1 AE 17 55 9D 49 31 5B 96 E7 92
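
The descriptor-inheritance half of the question can be checked empirically; the following C program is an added example, not part of the original message. It assumes a system where /dev/fd/N can be passed to execve(2) (Linux is one) and that /bin/sh is a POSIX shell; the function name exec_via_devfd is hypothetical, and the chroot(2) step is left out because it requires root.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* Open `binary`, set or clear close-on-exec on the descriptor, then execute
 * the file in a child through its /dev/fd/N name. Assumption: `binary` is a
 * POSIX sh, so it can be asked whether descriptor N survived the exec.
 * Returns 0 if the executed program still holds N, 1 if execve closed it,
 * 127 if the exec itself failed, -1 on a setup error. */
int exec_via_devfd(const char *binary, int close_on_exec)
{
    int fd = open(binary, O_RDONLY);
    if (fd < 0)
        return -1;
    /* Descriptors survive execve unless FD_CLOEXEC is set on them. */
    if (fcntl(fd, F_SETFD, close_on_exec ? FD_CLOEXEC : 0) < 0) {
        close(fd);
        return -1;
    }
    char path[32], probe[64];
    snprintf(path, sizeof path, "/dev/fd/%d", fd);
    snprintf(probe, sizeof probe, "[ -e /dev/fd/%d ]", fd);

    pid_t pid = fork();
    if (pid < 0) {
        close(fd);
        return -1;
    }
    if (pid == 0) {
        /* The message's proposal would call chroot(2) here; the path below
         * would then be looked up relative to the new root. */
        char *argv[] = { "sh", "-c", probe, NULL };
        execve(path, argv, environ);
        _exit(127);
    }
    close(fd);
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("fd kept open:  %d\n", exec_via_devfd("/bin/sh", 0));
    printf("close-on-exec: %d\n", exec_via_devfd("/bin/sh", 1));
    return 0;
}
```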