On Mon, May 15, 2017 at 03:37:42PM -0400, Nikolai Lifanov wrote: > On 05/15/2017 15:36, Alexey Dokuchaev wrote: > > On Mon, May 15, 2017 at 10:25:29PM +0300, Konstantin Belousov wrote: > >> On Mon, May 15, 2017 at 01:08:55PM -0600, Ian Lepore wrote: > >>> Well, for example, it seems like it would allow anyone to execute a > >>> binary even if the sysadmin had set it to -x specifically to prevent > >>> people from running it. > >> > >> The direct mode does not (and cannot) honor set{u,g}id modes of the > >> executable, so any binary run this way would only exercise the existing > >> power of the user which did it. > >> > >> The most advanced explanation that I was given in private was among > >> the lines: "if you have an environment where users can upload content > >> to a shared server, but have no access to chmod(2), no compilers, no > >> scripting languages, etc." The person then admitted that (s)he does not > >> consider it as an actual concern. > > > > Would this now allow executing binaries (with or without +x bit) from > > filesystems mounted with -o noexec? > > > > ./danfe > > No: > > # zfs create -o mountpoint=/mnt -o exec=off tank/TEST > # cp /bin/sh /mnt/ > # /mnt/sh > /mnt/sh: Permission denied. > # /libexec/ld-elf.so.1 /mnt/sh > /mnt/sh: mmap of data failed: Permission denied
This is due to r313967 | kib | 2017-02-19 22:51:04 +0200 (Sun, 19 Feb 2017) | 24 lines Apply noexec mount option for mmap(PROT_EXEC). _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"