Re: Preventing execution of perl scripts in /tmp dierctory

To: BipinDas <bipindas.k@ditro.com>
Cc: debian-isp@lists.debian.org
Subject: Re: Preventing execution of perl scripts in /tmp dierctory
From: "Giacomo A. Catenazzi" <cate@debian.org>
Date: Wed, 06 Jun 2007 18:34:48 +0200
Message-id: <[🔎] 4666E228.9010209@debian.org>
In-reply-to: <[🔎] 466526B4.3080306@ditro.com>
References: <[🔎] 466526B4.3080306@ditro.com>

BipinDas wrote:

Dear List,
I do have following directories in a Debian sarge machine. /tmp /var/tmp/dev/shm. The following is the fstab details
/dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw,nodev 0 0
none /dev/shm tmpfs noexec,nosuid,nodev 0 0
No body can execute perl/shell scripts here with 755 permission . whengive command like this prompt# ./test.pl , it gives permission denied error.But now I woud like to prevent compiling of scripts here like ,prompt#perl test.pl. How can I do it?


It is not possible.

Some notion about security:
noexec and execute flag (111) are to be seen as hint to the shell,
not about absolute permission.

If you can read a file you can execute it!
simply way: copy into the home and change the permissions
read-only way: for ELF files, execute
/lib/ld-linux.so.2 /tmp/elf-program-withmode.644

ciao
	cate

Reply to:

Follow-Ups:
- Re: Preventing execution of perl scripts in /tmp dierctory
  - From: martin f krafft <madduck@debian.org>

References:
- Preventing execution of perl scripts in /tmp dierctory
  - From: BipinDas <bipindas.k@ditro.com>

Prev by Date: Re: Preventing execution of perl scripts in /tmp dierctory
Next by Date: Re: Preventing execution of perl scripts in /tmp dierctory
Previous by thread: Re: Preventing execution of perl scripts in /tmp dierctory
Next by thread: Re: Preventing execution of perl scripts in /tmp dierctory
Index(es):
- Date
- Thread