[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Preventing execution of perl scripts in /tmp dierctory

BipinDas wrote:
Dear List,

I do have following directories in a Debian sarge machine. /tmp /var/tmp /dev/shm. The following is the fstab details

/dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw,nodev 0 0
none /dev/shm tmpfs noexec,nosuid,nodev 0 0

No body can execute perl/shell scripts here with 755 permission . when give command like this prompt# ./test.pl , it gives permission denied error. But now I woud like to prevent compiling of scripts here like , prompt#perl test.pl. How can I do it?

It is not possible.

Some notion about security:
noexec and execute flag (111) are to be seen as hint to the shell,
not about absolute permission.

If you can read a file you can execute it!
simply way: copy into the home and change the permissions
read-only way: for ELF files, execute
/lib/ld-linux.so.2 /tmp/elf-program-withmode.644


Reply to: