Yedidyah Bar-David wrote: > On Mon, Feb 20, 2006 at 01:58:20PM +0200, Oded Arbel wrote: >>> This naturally assumes that the user does not install a private copy >>> of the app. Which is a bit tougher in the case of firefox. And >>> frankly even in the case of OpenOffice. Both are rather >>> self-contained. >> Its the same problem for any app: what would prevent a user from >> downloading and compiling a KDE where the kiosk support it disabled ? >> >> The solution to that is pretty simple: mount /home as noexec (and of >> course make sure that all other user writeable locations are also >> noexec). > > As mentioned in the last discussion of similar nature: > /lib/ld-linux.so.2 /full/path/to/exec > will bypass noexec.
IIRC that was fixed in recent kernel versions. >From the Changlog for 2.6.0: [PATCH] Fix 'noexec' behaviour We should not allow mmap() with PROT_EXEC on mounts marked "noexec", since otherwise there is no way for user-supplied executable loaders (like ld.so and emulator environments) to properly honour the "noexec"ness of the target. trying to use that trick on my machine yields: # /lib/ld-linux.so.2 ./test /test: error while loading shared libraries: ./test: failed to map segment from shared object: Operation not permitted Cheers -- Meir Kriheli http://mksoft.co.il ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
