1 .\" Copyright (c) 2006, Michael Kerrisk
3 .\" %%%LICENSE_START(VERBATIM)
4 .\" Permission is granted to make and distribute verbatim copies of this
5 .\" manual provided the copyright notice and this permission notice are
6 .\" preserved on all copies.
8 .\" Permission is granted to copy and distribute modified versions of this
9 .\" manual under the conditions for verbatim copying, provided that the
10 .\" entire resulting derived work is distributed under the terms of a
11 .\" permission notice identical to this one.
13 .\" Since the Linux kernel and libraries are constantly changing, this
14 .\" manual page may be incorrect or out-of-date. The author(s) assume no
15 .\" responsibility for errors or omissions, or for damages resulting from
16 .\" the use of the information contained herein. The author(s) may not
17 .\" have taken the same level of care in the production of this manual,
18 .\" which is licensed free of charge, as they might when working
21 .\" Formatted or processed versions of this manual, if unaccompanied by
22 .\" the source, must acknowledge the copyright and authors of this work.
25 .TH FEXECVE 3 2014-04-20 "Linux" "Linux Programmer's Manual"
27 fexecve \- execute program specified via file descriptor
30 .B #include <unistd.h>
32 .BI "int fexecve(int " fd ", char *const " argv "[], char *const " envp []);
36 Feature Test Macro Requirements for glibc (see
37 .BR feature_test_macros (7)):
46 _XOPEN_SOURCE\ >=\ 700 || _POSIX_C_SOURCE\ >=\ 200809L
55 performs the same task as
57 with the difference that the file to be executed
58 is specified via a file descriptor,
60 rather than via a pathname.
63 must be opened read-only,
64 and the caller must have permission to execute the file that it refers to.
65 .\" POSIX.1-2008 specifies the O_EXEC flag for open as an alternative,
66 .\" but Linux doesn't support this flag yet.
71 On error, the function does return, with a result value of \-1, and
77 with the following additions:
81 is not a valid file descriptor, or
90 filesystem could not be accessed.
93 is implemented since glibc 2.3.2.
96 This function is not specified in POSIX.1-2001,
97 and is not widely available on other systems.
98 It is specified in POSIX.1-2008.
102 is implemented using the
106 needs to be mounted and available at the time of the call.
110 is a file descriptor that refers to an interpreter script
111 and has been marked as close-on-exec (see the discussion of the
116 will fail to execute the script, since,
117 by the time the script interpreter tries to access the script file,
119 has already been closed.
123 is to allow the caller to verify (checksum) the contents of
124 an executable before executing it.
125 Simply opening the file, checksumming the contents, and then doing an
127 would not suffice, since, between the two steps, the filename,
128 or a directory prefix of the pathname, could have been exchanged
129 (by, for example, modifying the target of a symbolic link).
131 does not mitigate the problem that the
133 of a file could be changed between the checksumming and the call to
135 for that, the solution is to ensure that the permissions on the file
136 prevent it from being modified by malicious users.