Date:      Sat, 23 Jan 2010 22:10:58 +0000
From:      "Robert N. M. Watson" <rwatson@FreeBSD.org>
To:        Bruce Evans <brde@optusnet.com.au>
Cc:        svn-src-stable@FreeBSD.org, svn-src-all@FreeBSD.org, src-committers@FreeBSD.org, svn-src-stable-8@FreeBSD.org
Subject:   Re: svn commit: r200509 - stable/8/libexec/rtld-elf
Message-ID:  <86386F14-AB22-47F9-A4B1-6EC8B90444B4@FreeBSD.org>
In-Reply-To: <20091215013718.D984@besplex.bde.org>
References:  <200912141219.nBECJLfJ026164@svn.freebsd.org> <20091215013718.D984@besplex.bde.org>

On 14 Dec 2009, at 16:08, Bruce Evans wrote:

> On Mon, 14 Dec 2009, Robert Watson wrote:
>
>> Log:
>> Merge r197808 from head to stable/8:
>>
>>   In rtld's map_object(), use pread(..., 0) rather than read() to read the
>>   ELF header from the front of the file.  As all other I/O on the binary
>>   is done using mmap(), this avoids the need for seek privileges on the
>>   file descriptor during run-time linking.
>
> Doesn't/shouldn't pread() require seek privileges?  It certainly uses them.

I think there are actually multiple notions of "seek":

- Manipulation of the file descriptor offset, which occurs explicitly with lseek(2) or implicitly with read(2)/write(2)/..., but not with pread(2)/pwrite(2)/sendfile(2)/...
- Underlying object offset, such as the current location of the head relative to a tape in a tape drive, which will be manipulated implicitly as IO requests go down the stack regardless of the file descriptor offset changing

For the purposes of our ongoing capability project, the right to seek refers to changing the file descriptor offset, as in most instances we're interested in, the underlying object is a file rather than a special device. In particular, we want to be able to pass around capabilities for key libraries (the runtime linker itself, libc, etc) and share them between mutually untrusting processes, and not have the file descriptor offset allow interference between them.

Further confusing matters, we maintain file descriptor-level offsets for some stream-oriented objects, such as tty's, but not others, such as sockets.

Robert
