Message-ID: <77567FF86B34A592067F8FA1ADD7F3C6@eigenstate.org>
To: 9front@9front.org
Date: Tue, 10 May 2022 10:40:41 -0400
From: ori@eigenstate.org
In-Reply-To: <28db6450-6d7c-977f-aaff-62f152e79968@posixcafe.org>
Subject: Re: [9front] [PATCH] kernel: disallow executing from #| or #d

Quoth Jacob Moody:
> Hello,
>
> I noticed that you could execute from #| and #d.
> ex:
>
> cpu% bind '#|' /n/pipetest
> cpu% /n/pipetest/data1 &
> cpu% echo '#!/bin/rc' >> /n/pipetest/data
> cpu% echo 'echo hello' >> /n/pipetest/data
> cpu% hello
>
> I believe this would also work for binaries
> if the writer could predict what parts of the binary
> the kernel will want to read. I am inclined to
> block this behavior but would be curious what others
> think. Included is a patch to error on OEXEC opens
> in devdup and devpipe.

I think all files should be the same, as much as they
can be -- we shouldn't necessarily need to care if we
have a pipe or not.