Allow permission line in /proc/self/map to be "rwx", not just "r-x".

[yasushi-saito]

At least in Ubuntu14, a binary file that's writable by the process owner
has permission "rwx", not "r-x".

[googlebot]

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.

---

• If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
• If you signed the CLA as a corporation, please let us know the company's name.

[yasushi-saito]

Signed the cla.

[googlebot]

CLAs look good, thanks!

[ukai]

hmm, unrepro on Ubuntu 14.01
$ cp /bin/sleep /tmp/sleep
$ chmod 0777 /tmp/sleep
$ /tmp/sleep 10000 &
$ cat /proc/$pid/maps | grep sleep
00400000-00406000 r-xp 00000000 fc:00 1317979 /tmp/sleep
00606000-00607000 r--p 00006000 fc:00 1317979 /tmp/sleep
00607000-00608000 rw-p 00007000 fc:00 1317979 /tmp/sleep

depends on some configurations/settings?

[yasushi-saito]

Yeah, I can't reproduce using /bin/sleep either. I also miswrote - it
doesn't matter whether the executable file is writable.
But the binary I'm running, I get:

00400000-04780000 rwxp 00000000 00:17 2423286
/var/home/bin/tools/stl
04780000-0493a000 rw-p 00000000 00:00 0
055ed000-0682e000 rw-p 00000000 00:00 0
[heap]
7f8081d44000-7f8081d45000 ---p 00000000 00:00 0
7f8081d45000-7f8082545000 rw-p 00000000 00:00 0
[stack:13498]
7f8082545000-7f8082546000 ---p 00000000 00:00 0
7f8082546000-7f8082d46000 rw-p 00000000 00:00 0
[stack:13497]
7f8082d46000-7f8082d47000 ---p 00000000 00:00 0
7f8082d47000-7f8083547000 rw-p 00000000 00:00 0
[stack:13496]
7f8083547000-7f8083548000 ---p 00000000 00:00 0
7f8083548000-7f8083d48000 rw-p 00000000 00:00 0
[stack:13495]
7f8083d48000-7f8083d49000 ---p 00000000 00:00 0
7f8083d49000-7f8084549000 rw-p 00000000 00:00 0
[stack:13494]

Moreover, if I make a slight change to the binary (tools/stl in this
example) - say adding a noop function that's never called - then this
problem sometimes goes away. So I think it depends on the size of the
executable? Maybe the kernel and/or the dynamic linker maps the text
segment read/write when it's size satisfies certain condition?

cat /proc/version
Linux version 3.16.0-69-generic (buildd@lcy01-33) (gcc version 4.8.2
(Ubuntu 4.8.2-19ubuntu1) ) #89~14.04.1-Ubuntu SMP Thu Mar 17 20:51:04 UTC
2016

On Tue, Apr 12, 2016 at 9:57 PM, Fumitoshi Ukai notifications@github.com
wrote:

hmm, unrepro on Ubuntu 14.01
$ cp /bin/sleep /tmp/sleep
$ chmod 0777 /tmp/sleep
$ /tmp/sleep 10000 &
$ cat /proc/$pid/maps | grep sleep
00400000-00406000 r-xp 00000000 fc:00 1317979 /tmp/sleep
00606000-00607000 r--p 00006000 fc:00 1317979 /tmp/sleep
00607000-00608000 rw-p 00007000 fc:00 1317979 /tmp/sleep

depends on some configurations/settings?

—
You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#101 (comment)

Yasushi Saito

[ukai]

hmm, i see.
I understand there is a case that code text is mapped with writable permission.

[katkamaculikova]

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.

• If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
• If you signed the CLA as a corporation, please let us know the company's name.