
Re: mounting /tmp noexec (was: Campus Computers)



Ian wrote:
> why is this? Surely it is better security to do so?

joey@silk:~>ls -l ./ls
-rw-------    1 joey     joey        43916 Dec 26 22:46 ./ls
joey@silk:~>/lib/ld-2.2.4.so ./ls 
CVS      aalib.nohack.diff  doc   ls                screenshot.png
GNUstep  bin                html  mail              src
a        debian             lib   package-sync.log  tmp

If you remove the execute bit from ld.so to avoid this, you in turn
break execution of all dynamically linked libc6 programs.

So sure, noexec does raise the bar a tiny little bit, just because an
attacker needs to remember to try this trick, and needs to be able to do
so in their exploit.

Anyway, I would like to make debconf (er, really apt-utils) use a
different temporary directory, but I have not been able to come up with
a better one so far.

-- 
see shy jo
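
Added example, not part of the original message: because noexec does not stop a file from being started through ld.so, a defender can watch for the loader being run directly instead. This sketch assumes auditd EXECVE records are being collected; the sample records, function names and option list are constructed for illustration.

```python
import posixpath
import re

# glibc loader basenames: ld-2.2.4.so, ld-linux.so.2, ld-linux-x86-64.so.2
LOADER_RE = re.compile(r"ld-(?:linux[\w-]*\.so\.\d+|[\d.]+\.so)")
# EXECVE arguments are quoted or, when they hold unusual bytes, hex-encoded.
ARG_RE = re.compile(r'\ba(\d+)=(?:"([^"]*)"|([0-9A-Fa-f]+))')
# ld.so options that consume the following argument.
VALUE_OPTS = {"--library-path", "--inhibit-rpath", "--audit", "--preload", "--argv0"}

def parse_execve(line):
    """Return argv from one auditd EXECVE record, or None for other records."""
    if "type=EXECVE" not in line:
        return None
    args = {}
    for m in ARG_RE.finditer(line):
        quoted, hexed = m.group(2), m.group(3)
        args[int(m.group(1))] = (quoted if quoted is not None
                                 else bytes.fromhex(hexed).decode("utf-8", "replace"))
    return [args[i] for i in sorted(args)]

def loader_target(argv):
    """If argv runs the dynamic loader directly, return the program it was handed."""
    if not argv or not LOADER_RE.fullmatch(posixpath.basename(argv[0])):
        return None
    rest = iter(argv[1:])
    for arg in rest:
        if arg in VALUE_OPTS:
            next(rest, None)          # skip the option's value
        elif not arg.startswith("-"):
            return arg                # first non-option argument is the program
    return None

def find_direct_loader_runs(lines):
    """Return (loader, target) for each EXECVE record that starts a program via ld.so."""
    hits = []
    for line in lines:
        argv = parse_execve(line)
        target = loader_target(argv)
        if target is not None:
            hits.append((argv[0], target))
    return hits

# Constructed sample records (not from a real system).
SAMPLE = [
    'type=EXECVE msg=audit(1009406760.101:41): argc=2 a0="ls" a1="-l"',
    'type=EXECVE msg=audit(1009406771.300:42): argc=2 a0="/lib/ld-2.2.4.so" a1="./ls"',
    'type=EXECVE msg=audit(1009406790.512:43): argc=4 a0="/lib64/ld-linux-x86-64.so.2"'
    ' a1="--library-path" a2="/tmp/lib" a3="/tmp/tool"',
    'type=EXECVE msg=audit(1009406801.007:44): argc=2 a0="/lib/ld-linux.so.2"'
    ' a1=2F746D702F6D7920746F6F6C',
]
```

Ordinary dynamically linked programs never show the loader as `a0`, so hits are rare on most hosts. Because the caller chooses `argv[0]`, pair this with the `exe=` field of the matching SYSCALL record before relying on it.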


