This is the mail archive of the libc-alpha@sources.redhat.com mailing list for the glibc project.



Re: [fyre@box3n.gumbynet.org: Re: ld-2.1.3.so allows users to run programs from noexec partition]


On Tue, Sep 05, 2000 at 10:01:22AM -0400, Daniel Jacobowitz wrote:
> On Mon, Sep 04, 2000 at 08:27:15PM -0400, Ben Collins wrote:
> > On Mon, Sep 04, 2000 at 03:26:57PM -0300, Rodrigo Barbosa (aka morcego) wrote:
> > > Anything new on this field ? ld-2.1.93.so still executes the file.
> > 
> > Just a question, what's to stop anyone from copying their own ld.so to ~/
> > and using it? What I mean is, isn't the problem in the kernel and not
> > glibc (where fs options should be enforced just like read and write
> > perms)? Even going to the kernel, nothing stops someone from copying an
> > executable to their local ~/ and adding +x and then executing it. So
> > basically, the only thing noexec really cures is +s, and even then should
> > still be the fs (i.e. kernel) that enforces it.
> 
> Well, that doesn't work if /home is mounted noexec.  Isn't that the
> whole point?

Then /tmp and /var/tmp too...I guess in that situation, ld.so would be an
open hole.

-- 
 -----------=======-=-======-=========-----------=====------------=-=------
/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`  bcollins@debian.org  --  bcollins@openldap.org  --  bcollins@linux.com  '
 `---=========------=======-------------=-=-----=-===-======-------=--=---'
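
As an added example (not part of the original message or of glibc), the following audit reports which of the directories named in this thread sit on a mount carrying `noexec`. It parses text in `/proc/mounts` format; the sample mount table and the function names are constructed for illustration.

```python
import re

# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/sda3 /srv/shared\\040data ext4 rw,noexec 0 0
"""

def _unescape(field):
    # /proc/mounts encodes space, tab, newline and backslash as \ooo octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mounts(text):
    """Return [(mountpoint, set_of_options)] in mount order."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # skip blank or malformed lines
        entries.append((_unescape(parts[1]), set(parts[3].split(","))))
    return entries

def covering_mount(path, entries):
    """Longest mountpoint that is a whole-component prefix of path.
    On equal length the later entry wins, since it shadows the earlier one."""
    best = None
    for mnt, opts in entries:
        prefix = mnt.rstrip("/") + "/"
        if path == mnt or path.startswith(prefix):
            if best is None or len(mnt) >= len(best[0]):
                best = (mnt, opts)
    return best

def audit(paths, text):
    """Map each path to (covering mountpoint, True if that mount is noexec)."""
    entries = parse_mounts(text)
    report = {}
    for p in paths:
        hit = covering_mount(p, entries)
        report[p] = (hit[0], "noexec" in hit[1]) if hit else (None, False)
    return report

if __name__ == "__main__":
    for path, (mnt, ok) in audit(["/home", "/tmp", "/var/tmp"], SAMPLE_MOUNTS).items():
        print(f"{path:10} on {mnt:6} noexec={'yes' if ok else 'NO'}")
```

On a live system, pass the contents of `/proc/mounts` instead of the sample; a directory with no mount of its own inherits the options of its parent mount, which is why `/var/tmp` is reported against `/` here.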
