[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Partition mount options (was Re: apg-get: "Can't exec "/var...)

On Tue, Nov 28, 2000 at 12:39:57PM -0800, kmself@ix.netcom.com wrote:
> > bash: ./date: Permission denied
> > [eb@socrates /tmp]$ /lib/ld-2.1.3.so ./date
> > Tue Nov 28 04:32:41 AKST 2000
> Cute.  Now I want to know why....

its analogous to executing a shell script like so:

/bin/sh /somewhere/shellscript

i don't really know if its feasible for the kernel to detect and stop
this, AFAIK ld.so (ld-linux.so.2 on x86, ld-2.1.3.so on ppc) is just a
userland program as far as the kernel is concerned...

> It's less authorized users and more exploits which might dump an
> executable to some arbitrary location and try to run it.  If that
> location isn't executable....   In general, I'm dealing with single-user
> systems with some network services.

noexec might stop some sort of precanned exploit, but i think its
going to be like non-executable stack, it will stop some exploits, but
the exploit can be tweaked just a bit to work anyway.  (instead of
execing the file, exec /lib/ld-2.1.3.so /where/ever/foo)

Ethan Benson

Attachment: pgp6FoAWo9gTn.pgp
Description: PGP signature

Reply to: