On Tue, Jan 14, 2025 at 12:02:28PM -0800, Isaac Manjarres wrote:
> I think the main issue in the threat model that I described is that an attacking process can gain control of a more privileged process.
I understood it to be about an attacker gaining execution control through a rewritten function pointer, not that they already have arbitrary execution control. (i.e. taking a "jump anywhere" primitive and upgrading it to "execute anything".) Is the expectation that existing ROP/JOP techniques make protecting memfd irrelevant?