Mailinglist Archive: opensuse-security (320 mails)
| < Previous | Next > |
AW: [suse-security] perl script drop
- From: TORSTEN.NEUMANN@xxxxxx
- Date: Mon, 12 May 2003 14:05:45 +0200
- Message-id: <13FEA0BEF75ED31192D50000F6CCC5E90379B785@XNT-FRABASE-6>
noexec mount option doesn´t help at all:
$ mount
/dev/vg00/lvol9 on /mnt type reiserfs (rw,noexec)
$ ./hello
-bash: ./hello: Permission denied
$ /lib/ld-linux.so.2 ./hello
hello world
$ file hello
hello: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for
GNU/Linux 2.2.0, dynamically linked (uses shared libs), not stripped
Regards
Torsten
> ----------
> Von: Peter Wiersig[SMTP:wiersig-ml@xxxxxxxxxxxxx]
> Gesendet: Montag, 12. Mai 2003 13:48
> An: suse-security@xxxxxxxx
> Betreff: Re: [suse-security] perl script drop
>
> petry wrote:
> > Only a small hint for the /tmp-partition: mount it as follows in
> > /etc/fstab
> >
> > /dev/hda5 /tmp ext2 rw,nosuid,nodev,noexec
> >
> > with the noexec-parameter so no one is able to execute a created
> > script from that directory
>
> Only when the script interpreter is located on the noexec partition:
>
> $ cat FreeSpace/hello.pl
> print "Hello world\n";
> wiersig@peter:~
> $ ls -l FreeSpace/hello*
> -rw-r--r-- 1 wiersig wiersig 23 May 12 13:47 FreeSpace/hello.pl
> -rw-r--r-- 1 wiersig wiersig 17 May 12 13:45 FreeSpace/hello.sh
> wiersig@peter:~
> $ perl FreeSpace/hello.pl
> Hello world
>
> mount options don't help when faced with scripts.
>
> Have fun,
> Peter
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
$ mount
/dev/vg00/lvol9 on /mnt type reiserfs (rw,noexec)
$ ./hello
-bash: ./hello: Permission denied
$ /lib/ld-linux.so.2 ./hello
hello world
$ file hello
hello: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for
GNU/Linux 2.2.0, dynamically linked (uses shared libs), not stripped
Regards
Torsten
> ----------
> Von: Peter Wiersig[SMTP:wiersig-ml@xxxxxxxxxxxxx]
> Gesendet: Montag, 12. Mai 2003 13:48
> An: suse-security@xxxxxxxx
> Betreff: Re: [suse-security] perl script drop
>
> petry wrote:
> > Only a small hint for the /tmp-partition: mount it as follows in
> > /etc/fstab
> >
> > /dev/hda5 /tmp ext2 rw,nosuid,nodev,noexec
> >
> > with the noexec-parameter so no one is able to execute a created
> > script from that directory
>
> Only when the script interpreter is located on the noexec partition:
>
> $ cat FreeSpace/hello.pl
> print "Hello world\n";
> wiersig@peter:~
> $ ls -l FreeSpace/hello*
> -rw-r--r-- 1 wiersig wiersig 23 May 12 13:47 FreeSpace/hello.pl
> -rw-r--r-- 1 wiersig wiersig 17 May 12 13:45 FreeSpace/hello.sh
> wiersig@peter:~
> $ perl FreeSpace/hello.pl
> Hello world
>
> mount options don't help when faced with scripts.
>
> Have fun,
> Peter
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>
| < Previous | Next > |