On Thu, Feb 10, 2005 at 06:17:01PM +1100, Paul Hampson wrote: > > It still lets you execute files that don't have the executable flag > > set like libc. It's a different bug but it's still there.
> Is that a bug? I can run -x perl scripts with perl <scriptname> so > why not -x ELF scripts with /lib/ld-linux.so.2 <ELFname> > What stops me taking a copy of the binary, making it +x and running > that anyway? So I don't see any security concern... Not having write access to any media that's not marked noexec? But I agree that the security benefits are trivial on a system where users have access to perl. -- Steve Langasek postmodern programmer
signature.asc
Description: Digital signature
