[PATCH] take noexec checks to very few callers that care Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

commit: 30524472c2f728c20d6bf35191042a5d455c0a64 [log] [tgz]
author: Al Viro <viro@zeniv.linux.org.uk> Tue Jul 22 00:02:33 2008 -0400
committer: Al Viro <viro@zeniv.linux.org.uk> Sat Jul 26 20:53:30 2008 -0400
tree: e9985d3883b45c4a9f5ef8185fa79c7b568bb4bd
parent: e56b6a5dda1a36ffaa532df6f975ea324298fa4d [diff] [blame]
diff --git a/fs/open.c b/fs/open.c
index 3b3c436..d5e421a 100644
--- a/fs/open.c
+++ b/fs/open.c

@@ -461,6 +461,16 @@
 	if (res)
 		goto out;
 
+	if ((mode & MAY_EXEC) && S_ISREG(nd.path.dentry->d_inode->i_mode)) {
+		/*
+		 * MAY_EXEC on regular files is denied if the fs is mounted
+		 * with the "noexec" flag.
+		 */
+		res = -EACCES;
+		if (nd.path.mnt->mnt_flags & MNT_NOEXEC)
+			goto out_path_release;
+	}
+
 	res = vfs_permission(&nd, mode | MAY_ACCESS);
 	/* SuS v2 requires we report a read only fs too */
 	if(res || !(mode & S_IWOTH) ||
commit	30524472c2f728c20d6bf35191042a5d455c0a64	[log] [tgz]
author	Al Viro <viro@zeniv.linux.org.uk>	Tue Jul 22 00:02:33 2008 -0400
committer	Al Viro <viro@zeniv.linux.org.uk>	Sat Jul 26 20:53:30 2008 -0400
tree	e9985d3883b45c4a9f5ef8185fa79c7b568bb4bd
parent	e56b6a5dda1a36ffaa532df6f975ea324298fa4d [diff] [blame]