Date: Sat, 10 May 2003 14:47:24 +1000 (EST) From: Bruce Evans <bde@zeta.org.au> To: Brian Buhrow <buhrow@lothlorien.nfbcal.org> Cc: Kirk McKusick <mckusick@beastie.mckusick.com> Subject: Re: Access times on executables (kern/25777) Message-ID: <20030510142105.H2968@gamplex.bde.org> In-Reply-To: <200305091732.h49HW9x11035@lothlorien.nfbcal.org> References: <200305091732.h49HW9x11035@lothlorien.nfbcal.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 9 May 2003, Brian Buhrow wrote: > I hope you forgive my naive question, but I fail to understand how the > NFS case can fail under any circumstance. If a user tries to execute an > nfs-mounted binary which is not readable by him, doesn't the system "read" > the binary as the user root in order to execute the program, assuming the > proper execute bit is set? And, once that is done, wouldn't the system > continue to read (page) that file as root? If that doesn't work, then I This lets the VOP_READ() method but not the VOP_SETATTR() method work. For both methods, we have a readable vp which corresponds to a readable fd in userland. This requires getting past the access checks on the pathname to the file being executed. The execute bit works like the read bit in the context of exec() -- VOP_READ() doesn't check either and its callers check the appropriate one. The VOP_SETTATR() method needs write access instead of read access, and it checks for this internally so execve() can't just grant this access by not checking it. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030510142105.H2968>