On Sat, Sep 14, 2002 at 01:34:13PM +0200, Michelle Konzack wrote:
> >try putting any binary, as a test, in /tmp, e.g. copy /bin/ls to
> >/tmp/testexe. Then issue the command
> >
> >/lib/ld-linux.so.2 /tmp/testexe
>
> Oops.... Why is it ???

Because that's how ld.so works. It's an ELF interpreter, just like perl is a perl interpreter; perl /tmp/foo.pl works on a noexec filesystem (I'm assuming.)

> It may be a very big security problem...

The only security problem here is the reliance on mounting with noexec in the belief that this will prevent anything. nosuid is useful, but noexec isn't. (Maybe in a restricted shell environment, where ld.so couldn't be run by name, only as an interpreter started by the kernel.)

--
#define X(x,y) x##y
Peter Cordes ; e-mail: X([EMAIL PROTECTED] , ns.ca)

"The gods confound the man who first found out how to distinguish the hours! Confound him, too, who in this place set up a sundial, to cut and hack my day so wretchedly into small pieces!" -- Plautus, 200 BC
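An added example, not part of the original message: a defender-side check that reads a mount table and flags recorded command lines where the ELF loader or perl is run by name on a file that lives on a noexec mount, the two cases the message describes. The mount table, the command lines, the interpreter pattern and all function names are constructed for illustration.

```python
import os
import re

# Constructed sample in /proc/mounts format (assumption, not from the message).
SAMPLE_MOUNTS = """\
/dev/hda1 / ext3 rw 0 0
/dev/hda5 /tmp ext3 rw,nosuid,nodev,noexec 0 0
/dev/hda6 /home ext3 rw,nosuid 0 0
"""

# Constructed argv records, e.g. as taken from audit or process-accounting logs.
SAMPLE_EXECS = [
    ["/bin/ls", "/tmp"],
    ["/lib/ld-linux.so.2", "/tmp/testexe"],
    ["/lib/ld-linux.so.2", "--library-path", "/lib", "/tmp/testexe"],
    ["/lib/ld-linux.so.2", "/home/user/tool"],
    ["perl", "/tmp/foo.pl"],
]

# Assumed naming pattern for the dynamic loader, plus perl as named in the message.
INTERPRETER = re.compile(r"^(ld(-linux[\w-]*)?\.so(\.\d+)?|perl)$")

def parse_mounts(text):
    """Map each mount point to its set of mount options."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            mounts[fields[1]] = set(fields[3].split(","))
    return mounts

def is_noexec(path, mounts):
    """True if the longest mount point containing path is mounted noexec."""
    path = os.path.normpath(path)
    best = ""
    for mp in mounts:
        prefix = mp if mp.endswith("/") else mp + "/"
        if (path == mp or path.startswith(prefix)) and len(mp) > len(best):
            best = mp
    return bool(best) and "noexec" in mounts[best]

def flag_indirect_exec(execs, mounts):
    """Return (interpreter, target) for interpreters run on noexec-mounted files."""
    hits = []
    for argv in execs:
        if not argv or not INTERPRETER.match(os.path.basename(argv[0])):
            continue
        targets = [a for a in argv[1:] if a.startswith("/") and is_noexec(a, mounts)]
        if targets:
            hits.append((argv[0], targets[0]))
    return hits
```

Relative target paths are skipped because the working directory is not part of the constructed records.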