Date: Tue, 28 Apr 2026 18:49:41 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 294780] fexecve(2) only works for scripts if /dev/fd is mounted with the non-default nodup option. Message-ID: <bug-294780-227-kzcEFfVRuM@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-294780-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=294780 Kyle Evans <kevans@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kevans@freebsd.org, | |kib@FreeBSD.org --- Comment #1 from Kyle Evans <kevans@freebsd.org> --- I only spent a minute looking at the fexecve(2) implementation, so CC kib@, but I think the official response is probably: just don't do that. I note the following comment: ``` /* * If the descriptors was not opened with O_PATH, then * we require that it was opened with O_EXEC or * O_RDONLY. In either case, exec_check_permissions() * below checks _current_ file access mode regardless * of the permissions additionally checked at the * open(2). */ ``` You're not benefiting yourself by opening it O_EXEC because it will be re-checked, you might as well just open it O_RDONLY and use faccessat(2) with AT_EMPTY_PATH to see if you should even try fexecve(2) since your userland checks are racey anyways, given the above. I think that solves your problem, and I don't know if we want to try and do anything else here. -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-294780-227-kzcEFfVRuM>