From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mx1.redhat.com ([209.132.183.28]:57088 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1726247AbeLLUN0 (ORCPT ); Wed, 12 Dec 2018 15:13:26 -0500
From: Florian Weimer
To: James Morris
Cc: Mickaël Salaün, linux-kernel@vger.kernel.org, Al Viro,
	Jonathan Corbet, Kees Cook, Matthew Garrett, Michael Kerrisk,
	Mickaël Salaün, Mimi Zohar, Philippe Trébuchet, Shuah Khan,
	Thibaut Sautereau, Vincent Strubel, Yves-Alexis Perez,
	kernel-hardening@lists.openwall.com, linux-api@vger.kernel.org,
	linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org
Subject: Re: [RFC PATCH v1 0/5] Add support for O_MAYEXEC
References: <20181212081712.32347-1-mic@digikod.net>
Date: Wed, 12 Dec 2018 21:13:16 +0100
In-Reply-To: (James Morris's message of "Thu, 13 Dec 2018 06:51:53 +1100 (AEDT)")
Message-ID: <87lg4upkpv.fsf@oldenburg2.str.redhat.com>
MIME-Version: 1.0
Content-Type: text/plain
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID:

* James Morris:

> If you're depending on the script interpreter to flag that the user may
> execute code, this seems to be equivalent in security terms to depending
> on the user. e.g. what if the user uses ptrace and clears O_MAYEXEC?

The argument I've heard is this: Using ptrace (and adding the +x
attribute) are auditable events.

Florian