Re: Email based attack on University

To: debian-user@lists.debian.org
Subject: Re: Email based attack on University
From: Curt <curty@free.fr>
Date: Sat, 5 Oct 2019 09:39:06 -0000 (UTC)
Message-id: <[🔎] slrnqpgp5q.2r4.curty@einstein.electron.org>
References: <[🔎] dc2186e3-138a-ba0e-3243-fd7766b24db2@gmail.com> <[🔎] 20191004152252.do4n3r66lqlmodnl@qusp> <[🔎] eef1fe41-64ad-6dca-b7c5-5f32a638f241@gmail.com>

On 2019-10-05, Keith Bainbridge <ke1th3216@gmail.com> wrote:

> I'm still lurking here, but not sure what this suggestion means.

He's not making one.

He's offering examples of the trivial circumvention of the noexec option
(but they all appear to be faulty for one reason or another).

> Please expand.

>
> On 5/10/19 1:22 am, Jonathan Dowland wrote:
>> On Wed, Oct 02, 2019 at 07:03:59PM +1000, Keith Bainbridge wrote:
>>> I wonder if having /home on a 'noexec' partition would stop this 
>>> attack, please?
>> 
>> I don't know specifically about this attack, but noexec is trivial to
>> circumvent. Here's three ways:
>> 
>>     bash -c "~/whatever"
>>     cp ~/whatever /tmp && /tmp/whatever
>>     /lib64/ld-linux-x86-64.so.2 ~/whatever
>> 
>
>


-- 
"There are no foreign lands. It is the traveler only who is foreign."
-- Robert Louis Stevenson

Reply to:

Follow-Ups:
- Re: Email based attack on University
  - From: <tomas@tuxteam.de>

References:
- Email based attack on University
  - From: Keith Bainbridge <keithrbau@gmail.com>
- Re: Email based attack on University
  - From: Jonathan Dowland <jon+debian-user@dow.land>
- Re: Email based attack on University
  - From: Keith Bainbridge <ke1th3216@gmail.com>

Prev by Date: Re: to install libpng12.so.0
Next by Date: Re: disk going bad? or fuser related issues? . . .
Previous by thread: Re: Email based attack on University
Next by thread: Re: Email based attack on University
Index(es):
- Date
- Thread