On Tue, Nov 28, 2000 at 12:39:57PM -0800, kmself@ix.netcom.com wrote: > > bash: ./date: Permission denied > > [eb@socrates /tmp]$ /lib/ld-2.1.3.so ./date > > Tue Nov 28 04:32:41 AKST 2000 > > Cute. Now I want to know why.... its analogous to executing a shell script like so: /bin/sh /somewhere/shellscript i don't really know if its feasible for the kernel to detect and stop this, AFAIK ld.so (ld-linux.so.2 on x86, ld-2.1.3.so on ppc) is just a userland program as far as the kernel is concerned... > It's less authorized users and more exploits which might dump an > executable to some arbitrary location and try to run it. If that > location isn't executable.... In general, I'm dealing with single-user > systems with some network services. noexec might stop some sort of precanned exploit, but i think its going to be like non-executable stack, it will stop some exploits, but the exploit can be tweaked just a bit to work anyway. (instead of execing the file, exec /lib/ld-2.1.3.so /where/ever/foo) -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgp6FoAWo9gTn.pgp
Description: PGP signature