On Wed 24-01-24 14:06:23, Kees Cook wrote:
> Path-based LSMs will bypass uselib() "open" checks since commit
> 4759ff71f23e ("exec: Check __FMODE_EXEC instead of in_execve for LSMs"),
> so don't set __FMODE_EXEC during uselib(). The LSM "open" and eventual
> "mmap" hooks will be restored. (uselib()
On Wed, Jan 24, 2024 at 02:06:23PM -0800, Kees Cook wrote:
> Path-based LSMs will bypass uselib() "open" checks since commit
> 4759ff71f23e ("exec: Check __FMODE_EXEC instead of in_execve for LSMs"),
> so don't set __FMODE_EXEC during uselib(). The LSM "open" and eventual
> "mmap" hooks will be res
Path-based LSMs will bypass uselib() "open" checks since commit
4759ff71f23e ("exec: Check __FMODE_EXEC instead of in_execve for LSMs"),
so don't set __FMODE_EXEC during uselib(). The LSM "open" and eventual
"mmap" hooks will be restored. (uselib() never set current->in_execve.)
Other things that
