From owner-freebsd-current Sun Jan 26 04:01:06 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id EAA03721 for current-outgoing; Sun, 26 Jan 1997 04:01:06 -0800 (PST)
Received: from root.com (implode.root.com [198.145.90.17]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id EAA03715 for ; Sun, 26 Jan 1997 04:01:04 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by root.com (8.7.6/8.6.5) with SMTP id EAA06656; Sun, 26 Jan 1997 04:01:01 -0800 (PST)
Message-Id: <199701261201.EAA06656@root.com>
X-Authentication-Warning: implode.root.com: Host localhost [127.0.0.1] didn't use HELO protocol
To: Steven Wallace
cc: current@FreeBSD.org
Subject: Re: exec bug
In-reply-to: Your message of "Sun, 26 Jan 1997 00:35:21 PST." <199701260835.AAA05470@newport.ece.uci.edu>
From: David Greenman
Reply-To: dg@root.com
Date: Sun, 26 Jan 1997 04:01:01 -0800
Sender: owner-current@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

>I haven't heard anything about the exec bug I reported last week
>when an executable fails to read the image from the media due to a
>read error.
>
>execve() maps the first page to memory and calls exec_aout_imgact()
>which then accesses this page and fails.  The system then gets
>a page fault while in kernel mode and dies.
>
>This is in 2_2_RELENG.
>
>I'd hate to have anyone be able to panic my system by putting in
>a bad floppy or CDROM and trying to execute something.
>
>What's the deal?

   There is no good solution to this problem given the current architecture.
I don't consider it a significant problem, however. People can crash your
system (due to intentional consistency checks) just as easily by putting in
a floppy with a corrupted filesystem.

   The only solution I can think of at the moment to this problem would be to
change the code to do a read of the file header into a malloced buffer. The
overhead for this would be very (unacceptably) high, however.

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project
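
The approach named in the reply above, reading the file header into a malloc'ed buffer so that a media error becomes an error return rather than a fault on a mapped page, shown in user-space C as an added example (not part of the original message and not FreeBSD kernel code). The `load_header` name, the simplified `aout_hdr` struct and the single-magic check are assumptions made for illustration.

```c
/* Added illustration: user-space analogue, not FreeBSD kernel code. */
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>

/* Simplified a.out header (assumption): eight 32-bit words. */
struct aout_hdr {
    uint32_t a_midmag, a_text, a_data, a_bss;
    uint32_t a_syms, a_entry, a_trsize, a_drsize;
};

#define ZMAGIC 0413u /* demand-paged a.out magic */

/*
 * Copy the header into a malloc'ed buffer with read(2). A media error
 * comes back as -1/EIO from read() and becomes an error return here,
 * instead of a fault when a mapped page is first touched.
 * Returns 0 and sets *out (caller frees), or a positive errno value.
 */
int load_header(const char *path, struct aout_hdr **out)
{
    struct aout_hdr *h;
    size_t got = 0;
    int fd, err = 0;

    *out = NULL;
    if ((fd = open(path, O_RDONLY)) < 0)
        return errno;
    if ((h = malloc(sizeof(*h))) == NULL) {
        close(fd);
        return ENOMEM;
    }
    while (got < sizeof(*h)) {
        ssize_t n = read(fd, (char *)h + got, sizeof(*h) - got);
        if (n < 0) {
            if (errno == EINTR) continue;
            err = errno; break;               /* e.g. EIO from bad media */
        }
        if (n == 0) { err = ENOEXEC; break; } /* truncated file */
        got += (size_t)n;
    }
    close(fd);
    if (err == 0 && (h->a_midmag & 0xffff) != ZMAGIC)
        err = ENOEXEC;                        /* not a recognised image */
    if (err) { free(h); return err; }
    *out = h;
    return 0;
}
```

Every failure path, including a short or failed read, is reported to the caller before any header field is dereferenced.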