Re: execturing libc

To: Wouter Verhelst <wouter@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: execturing libc
From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
Date: Fri, 04 Feb 2005 15:54:45 +0100
Message-id: <[🔎] 87acqkv0i2.fsf@informatik.uni-tuebingen.de>
In-reply-to: <[🔎] 20050204082016.GC28597@grep.be> (Wouter Verhelst's message of "Fri, 4 Feb 2005 09:20:16 +0100")
References: <[🔎] 20050201183727.GD5237@mykerinos.kheops.frmug.org> <[🔎] 20050201222743.GB16515@buici.com> <[🔎] 1107322536.13543.12.camel@localhost> <[🔎] 200502021018.54535@fortytwo.ch> <[🔎] 87zmyld7t6.fsf@gmx.at> <[🔎] 87oef1wthl.fsf@informatik.uni-tuebingen.de> <[🔎] 20050204082016.GC28597@grep.be>

Wouter Verhelst <wouter@debian.org> writes:

> On Thu, Feb 03, 2005 at 04:31:02PM +0100, Goswin von Brederlow wrote:
>> mrvn@frosties:~% /lib64/ld-linux-x86-64.so.2 /lib/libc-2.3.2.so 
>> GNU C Library stable release version 2.3.2, by Roland McGrath et al.
>> Copyright (C) 2003 Free Software Foundation, Inc.
>> This is free software; see the source for copying conditions.
>> There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
>> PARTICULAR PURPOSE.
>> Compiled by GNU CC version 3.3.5 (Debian 1:3.3.5-6).
>> Compiled on a Linux 2.6.0-test7 system on 2005-01-12.
>> Available extensions:
>>         GNU libio by Per Bothner
>>         crypt add-on version 2.1 by Michael Glad and others
>>         NPTL 0.60 by Ulrich Drepper
>>         BIND-8.2.3-T5B
>>         NIS(YP)/NIS+ NSS modules 0.19 by Thorsten Kukuk
>> Thread-local storage support included.
>> Report bugs using the `glibcbug' script to <bugs@gnu.org>.
>> 
>> 
>> And exactly that info is the reason why one may want to execute libc.
>
> There's also the fact that an executable libc is a nice way to
> circumvent a 'noexec' restriction on a mount point :-)

How does libc help?

mrvn@frosties:~% sudo chmod a+x  /lib/libc-2.3.2.so
mrvn@frosties:~% /lib/libc-2.3.2.so /bin/sh
GNU C Library stable release version 2.3.2, by Roland McGrath et al.
Copyright (C) 2003 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 3.3.5 (Debian 1:3.3.5-6).
Compiled on a Linux 2.6.0-test7 system on 2005-01-12.
Available extensions:
        GNU libio by Per Bothner
        crypt add-on version 2.1 by Michael Glad and others
        NPTL 0.60 by Ulrich Drepper
        BIND-8.2.3-T5B
        NIS(YP)/NIS+ NSS modules 0.19 by Thorsten Kukuk
Thread-local storage support included.
Report bugs using the `glibcbug' script to <bugs@gnu.org>.

Libc doesn't execute its arguments.


The way to circumvent a noexec is to call the dynamic linker like I
did for libc:

/lib64/ld-linux-x86-64.so.2 <any file>

MfG
        Goswin

Reply to:

Follow-Ups:
- Re: execturing libc
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: execturing libc
  - From: Wouter Verhelst <wouter@debian.org>

References:
- Who could be able to help SW vendors to support Debian?
  - From: Christian Perrier <bubulle@debian.org>
- Re: Who could be able to help SW vendors to support Debian?
  - From: Marc Singer <elf@buici.com>
- Re: Who could be able to help SW vendors to support Debian?
  - From: "Brian M. Carlson" <sandals@crustytoothpaste.ath.cx>
- execturing libc (was: Re: Who could be able to help SW vendors to support Debian?)
  - From: Adrian von Bidder <avbidder@fortytwo.ch>
- Re: execturing libc
  - From: Andreas Rottmann <a.rottmann@gmx.at>
- Re: execturing libc
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: execturing libc
  - From: Wouter Verhelst <wouter@debian.org>

Prev by Date: Re: list what's in the NEW queue?
Next by Date: Re: list what's in the NEW queue?
Previous by thread: Re: execturing libc
Next by thread: Re: execturing libc
Index(es):
- Date
- Thread