Use execve(2) instead of fexecve(2).
AbandonedPublic
Actions

Authored by crest_freebsd_rlwinm.de on Apr 28 2026, 5:49 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Sun, May 24, 12:23 AM

	Unknown Object (File)
	Thu, May 14, 5:46 PM

	Unknown Object (File)
	Thu, May 14, 11:35 AM

	Unknown Object (File)
	Wed, May 13, 11:47 PM

	Unknown Object (File)
	Wed, May 13, 10:20 PM

	Unknown Object (File)
	Wed, May 13, 12:51 PM

	Unknown Object (File)
	Mon, May 11, 9:34 AM

	Unknown Object (File)
	Fri, May 8, 11:32 AM

View All 14 Files

Subscribers

imp

Details

Reviewers: None

Summary

The dynamic jail.conf is probably a (shell) script.
In that case fexecve(2) will result in kernel running
the interpreter with the script as argument e.g. /dev/fd/$n.
This only works if /dev/fd was mounted with the non-default "nodup"
option, because the kernel doesn't honor O_RDONLY | O_EXEC
and instead opens the file (description) with just FEXEC.

See PR #294780

Event: Wiesbaden Hackathon 202604