This is the mail archive of the libc-alpha@sources.redhat.com mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

Re: [fyre@box3n.gumbynet.org: Re: ld-2.1.3.so allows users to run programs from noexec partition]

On Mon, Sep 04, 2000 at 08:27:15PM -0400, Ben Collins wrote:
> On Mon, Sep 04, 2000 at 03:26:57PM -0300, Rodrigo Barbosa (aka morcego) wrote:
> > Anything new on this field ? ld-2.1.93.so still executes the file.
> 
> Just a question, what's to stop anyone from copying their own ld.so to ~/
> and using it? What I mean is, isn't the problem in the kernel and not
> glibc (where fs options should be enforced just like read and write
> perms)? Even going to the kernel, nothing stops someone from copying an
> executable to their local ~/ and adding +x and then executing it. So
> basically, the only thing noexec really cures is +s, and even then should
> still be the fs (i.e. kernel) that enforces it.

Well, that doesn't work if /home is mounted noexec.  Isn't that the
whole point?

Dan

/--------------------------------\  /--------------------------------\
|       Daniel Jacobowitz        |__|        SCS Class of 2002       |
|   Debian GNU/Linux Developer    __    Carnegie Mellon University   |
|         dan@debian.org         |  |       dmj+@andrew.cmu.edu      |
\--------------------------------/  \--------------------------------/
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]