[PATCH 1/2] fs/exec: Explicitly unshare fs_struct on exec

David Laight David.Laight at ACULAB.COM
Fri Oct 14 22:03:18 UTC 2022


From: Andy Lutomirski
> Sent: 14 October 2022 04:18
...
> But seriously, this makes no sense at all.  It should not be possible to exec a program and then,
> without ptrace, change its cwd out from under it.  Do we really need to preserve this behavior?

It may be OK if the exec'ed program also 'bought-in' to the
fact that its cwd and open files might get changed.
But imagine someone doing it to a login shell!

	David




More information about the Linux-security-module-archive mailing list