Bug#217386: libc6: ld.so allows execution of programs on noexec mounts

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#217386: libc6: ld.so allows execution of programs on noexec mounts
From: Tobias Diedrich <ranma@gmx.at>
Date: Fri, 24 Oct 2003 12:18:54 +0200
Message-id: <[🔎] 20031024101854.6B705103C07@nukunuku.yamamaya.is-a-geek.org>
Reply-to: Tobias Diedrich <ranma@gmx.at>, 217386@bugs.debian.org

Package: libc6
Version: 2.3.2-8
Severity: normal
Tags: security,upstream

Using ld.so one can execute programs on noexec mounts, which renders
noexec useless:

melchior:/boot# mount -o remount,noexec /boot
melchior:/boot# cp /bin/bash .
melchior:/boot# sed -i -e 's/Software/Saftware/g' ./bash
melchior:/boot# /lib/ld-2.3.2.so /boot/bash  --version
GNU bash, version 2.05b.0(1)-release (i386-pc-linux-gnu)
Copyright (C) 2002 Free Saftware Foundation, Inc.

Appearently this is known since 1999, see:
http://sources.redhat.com/ml/libc-alpha/2000-09/msg00071.html

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux melchior 2.4.22 #15 Wed Oct 15 00:35:05 CEST 2003 i686
Locale: LANG=en_US, LC_CTYPE=en_US

Versions of packages libc6 depends on:
ii  libdb1-compat                 2.1.3-7    The Berkeley database routines [gl

-- no debconf information

Reply to:

Follow-Ups:
- Bug#217386: marked as done (libc6: ld.so allows execution of programs on noexec mounts)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#217386: libc6: ld.so allows execution of programs on noexec mounts
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Bug#217355: locales: uninstallable package
Next by Date: Bug#217355: locales: uninstallable package
Previous by thread: Bug#217355: acknowledged by developer (fixed)
Next by thread: Bug#217386: marked as done (libc6: ld.so allows execution of programs on noexec mounts)
Index(es):
- Date
- Thread