[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: My sarge box has an IRC bot

On Thu, 2007-01-11 at 18:52 -0500, Roberto C. Sanchez wrote:
> Yup.  While that will thwart the most naïve of attacks, put a binary
> (not a script) in there (something like ls works) and run this:
> /lib/ld-linux.so.2 /tmp/ls

That is actually not possible if you have a recent linux kernel.

        "Newer versions of the kernel do however handle the noexec flag
               angrist:/tmp# mount | grep /tmp
               /dev/hda3 on /tmp type ext3 (rw,noexec,nosuid,nodev)
               angrist:/tmp# ./date
               bash: ./tmp: Permission denied 
               angrist:/tmp# /lib/ld-linux.so.2 ./date 
               ./date: error while loading shared libraries: ./date: failed to map segment 
               from shared object: Operation not permitted"


There might still be an easy way around that of course.

Sven Arvidsson
PGP Key ID 760BDD22

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: