Date: Wed, 15 Aug 2001 12:51:08 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: Bruce Evans <bde@zeta.org.au> Cc: Warner Losh <imp@harmony.village.org>, Alexander Langer <alex@big.endian.de>, "Brian F. Feldman" <green@FreeBSD.org>, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/conf kmod.mk Message-ID: <Pine.NEB.3.96L.1010815124918.81642A-100000@fledge.watson.org> In-Reply-To: <20010815124728.S17438-100000@besplex.bde.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 15 Aug 2001, Bruce Evans wrote: > On Tue, 14 Aug 2001, Warner Losh wrote: > > > In message <20010814205118.B22531@zerogravity.kawo2.rwth-aachen.d> Alexander Langer writes: > > : > amazingly inconsistent... I can kldload ./file.ko, but not kldload file.ko, > > : > though those are both correct relative paths. kldload(8) should have > > : > absolutely no trouble checking the cwd for existence of a path before giving > > : > up. Why don't we just replace that search algorithm with one less broken? > > : > > : This is a security issue. > > Yes. Part of the brokenness of the current algorithm is that it > inconsistent to the point of insecurity. > > > This is the "don't have . in root's path" consequence. > > Not really. Root's affects shells, not syscalls. execve() looks up the > pathname in the usual way, starting in the current directory if the > pathname doesn't begin with a slash. I agree on both points. One of the that has also worried me in the past is an idea that has floated around (and might even be implemented) that the namespace searched is with respects to rootvp, rather than the current process root. Generally speaking, name lookups happen consistently, and with respects to the process's current root and working directories. Mixing namespaces, and moving away from that for any call is asking for trouble. At the very least, we should seperate "load module by name" and "load module by filename", if we plan to allow the former as well as the latter. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010815124918.81642A-100000>