SELinux Mailing List

Re: dynamic context transitions

From: Luke Kenneth Casson Leighton <lkcl_at_lkcl.net>
Date: Wed, 3 Nov 2004 15:55:37 +0000


On Tue, Nov 02, 2004 at 02:30:26PM -0500, Valdis.Kletnieks@vt.edu wrote:
> > by exec()'ing a process, that just simply cannot occur: the
> > most you pass over is the command-line arguments, environment
> > variables and um... according to man exec that's it. [oh, and
> > man execve says it respects setuid and setgid bits on an executable.]
>
> Not true at all - just because the only things passed to the execve()
> syscall are the argv[] and envp[] arrays doesn't mean that it's the
> only resources passed to the post-exec code:
>
> 1) Open file descriptors, unless flagged as close-on-exec
> 2) ulimit/umask settings
> 3) Posix 1.e attributes (modulo the active/permitted/inherited changes)
> 4) The current working directory
> 5) Any namespaces created by mount --bind, clone(CLONE_FS), and friends.
>
> And probably a bunch of other stuff I'm forgetting. There's PLENTY of
> places to accidentally leak stuff up/down across an exec() call....

thank you for correcting me.

i trust that all these things are covered in some way by SE/Linux - from what i can gather, the open file descriptors definitely are, yes?

l.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
Received on Wed 3 Nov 2004 - 10:45:00 EST
 

Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009


National Security Agency / Central Security Service