[arch-dev-public] [arch-general] [initscripts] Please revert last commit 757f653
Jan de Groot
jan at jgc.homeip.net
Sun Aug 23 19:32:19 EDT 2009
On Mon, 2009-08-24 at 01:25 +0200, Thomas Bächler wrote:
> Jan de Groot schrieb:
> > On Sun, 2009-08-23 at 19:06 -0300, Gerardo Exequiel Pozzi wrote:
> >> Hi
> >> Please revert the last commit[#1], mounting /dev as NOEXEC is incorrect.
> >> This break nvidia GLX extension, vmware, mplayer and possible others
> >> programs that uses mmap() with execute privilege.
> >> PS: I guess that setting a size is "redundant"
> I already asked Gerardo in private: Can anyone provide any reference as
> to why noexec will prevent programs from working?
Some applications like the ones mentioned in the original post will mmap
files in /dev/ with the PROT_EXEC flag. When the filesystem is mounted
as noexec, these mmap operations will fail. Even if the program doesn't
execute anything used in the mmap operation, the whole mmap operation
will just fail when this flag is set on a noexec filesystem.
More information about the arch-dev-public