This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
Re: [fyre@box3n.gumbynet.org: Re: ld-2.1.3.so allows users to run programs from noexec partition]
On Mon, Sep 04, 2000 at 08:27:15PM -0400, Ben Collins wrote:
> On Mon, Sep 04, 2000 at 03:26:57PM -0300, Rodrigo Barbosa (aka morcego) wrote:
> > Anything new on this field ? ld-2.1.93.so still executes the file.
>
> Just a question, what's to stop anyone from copying their own ld.so to ~/
> and using it? What I mean is, isn't the problem in the kernel and not
> glibc (where fs options should be enforced just like read and write
> perms)? Even going to the kernel, nothing stops someone from copying an
> executable to their local ~/ and adding +x and then executing it. So
> basically, the only thing noexec really cures is +s, and even then should
> still be the fs (i.e. kernel) that enforces it.
Well, that doesn't work if /home is mounted noexec. Isn't that the
whole point?
Dan
/--------------------------------\ /--------------------------------\
| Daniel Jacobowitz |__| SCS Class of 2002 |
| Debian GNU/Linux Developer __ Carnegie Mellon University |
| dan@debian.org | | dmj+@andrew.cmu.edu |
\--------------------------------/ \--------------------------------/