It doesn't make sense to worry about multicall binaries.
It doesn't make sense to worry about multicall binaries.
Posted Dec 4, 2024 9:57 UTC (Wed) by maxfragg (guest, #122266)In reply to: It doesn't make sense to worry about multicall binaries. by ebiederm
Parent article: The kernel's command-line commotion
Posted Dec 13, 2024 12:17 UTC (Fri)
by roblucid (guest, #48964)
[Link]
It doesn't make sense to worry about multicall binaries.
execve(2) behaviour was not changing, in the fexecve(2) case if you're not willing to pay some cost as you are wanting to see a file with a verified signature why are you bothering with the file descriptor? If say you have written a shell with fexecve(2) support as a feature, surely you can set up an environment variable and do more smoke & mirrors processing on ps(1)/top(1) via builtin to protect users from their illusions being shattered.
Scripts have trace features to help debugging, couldn't you just turn off the use of fexecve when developing if necessary?
As somebody said allowing obfuscation of what you are really running seems to be to the benefit the "shenanigans" use case.