Bob Vickers wrote:
Being well known for years already, a Google search on for instance 'circumvent noexec' will give you plenty of pointers where to look. The basic idea behind the noexec flag may be nice, but there are so many loopholes around it, that the amount of applications that it breaks are really not worth all the trouble. I think this is a little contentious. The important question is not whether noexec *can* be circumvented, but whether it *is* circumvented by a typical script-kiddie's exploit. If noexec stops some exploits working then you have gained a valuable extra layer of security.
I doubt that many script kiddies will be stopped by it. The loophole for shell scripts is as simple as running /bin/sh /tmp/<insert your favourite script here> instead of just firing up the script. You can even run binaries in a similar fashion. That doesn't add a lot of work for them and I really doubt if this has not become the standard already. Since setting the 'noexec' flag creates real problems in legitimate applications, antivir being just one of them, I don't think setting this flag is worth the trouble. Of course, YMMV. Arjen