Date: Tue, 1 Oct 2024 07:43:37 -0600
From: Tycho Andersen
To: "Eric W. Biederman"
Cc: Kees Cook, Alexander Viro, Christian Brauner, Jan Kara, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, linux-kselftest@vger.kernel.org, Tycho Andersen, Zbigniew Jędrzejewski-Szmek, Aleksa Sarai
Subject: Re: [PATCH v2 1/2] exec: add a flag for "reasonable" execveat() comm
In-Reply-To: <871q10vr62.fsf@email.froward.int.ebiederm.org>

On Mon, Sep 30, 2024 at 03:10:29PM -0500, Eric W. Biederman wrote:
> "Eric W. Biederman" writes:
>
> > Kees Cook writes:
> >
> >> I'm not super comfortable doing this regardless of bprm->fdpath; that
> >> seems like too many cases getting changed. Can we just leave it as
> >> depending on bprm->fdpath?
>
> I was recommending that because I did not expect that there was any
> widespread usage of aliasing of binary names using symlinks.
>
> I realized today that on debian there are many aliases
> of binaries created with the /etc/alternatives mechanism.
> So there is much wider exposure to problems than I would have
> supposed.
>
> So I remove any objections to making the new code conditional on bprm->fdpath.

Yep, and it looks like Alpine distributes busybox with symlinks
instead of hard links.

I will respin with a fixed subject line shortly.

Thanks,

Tycho