Full Disclosure mailing list archives

Re: Re: January 15 is Personal Firewall Day, help the cause

From: Michal Zalewski <lcamtuf () ghettot org>
Date: Mon, 19 Jan 2004 20:02:19 +0100 (CET)

On Mon, 19 Jan 2004 Valdis.Kletnieks () vt edu wrote:

Easy one. Execute "/lib/ld-linux.so.2 /tmp/code".

This long-standing issue is fixed in the Linux 2.6.0 kernel.


How is it an issue? I think it is a feature - it is noexec that is pretty
badly broken by design, and nearly impossible to render secure... and what
does Linux kernel have to do with addressing it?

Disclaimer: I don't have 2.6 sources at hand, maybe this is the case
(although I somehow doubt there is a reasonable way to fix it kernel -
how, by refusing PROT_EXEC mappings from files on noexec partitions? hope
not).

-- 
------------------------- bash$ :(){ :|:&};: --
 Michal Zalewski * [http://lcamtuf.coredump.cx]
    Did you know that clones never use mirrors?
--------------------------- 2004-01-19 19:58 --

   http://lcamtuf.coredump.cx/photo/current/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause, (continued)
- - - RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 18)
    - RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 18)
    - RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 18)
    - Re: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Jim Race (Jan 18)
    - Re: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 18)
    - RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Bill Royds (Jan 18)
    - RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Mike Marshall (Jan 18)
    - Re: Symantec AntiVirus and AOL Joshua Levitsky (Jan 18)
    - Re: Re: January 15 is Personal Firewall Day, help the cause Martin Mačok (Jan 19)
    - Re: Re: January 15 is Personal Firewall Day, help the cause Valdis . Kletnieks (Jan 19)
    - Re: Re: January 15 is Personal Firewall Day, help the cause Michal Zalewski (Jan 19)
    - Re: Re: January 15 is Personal Firewall Day, help the cause Valdis . Kletnieks (Jan 19)
    - Re: Re: January 15 is Personal Firewall Day, help the cause Michal Zalewski (Jan 19)
    - Re: linux noexec (Re: January 15 is Personal Firewall Day) Martin Mačok (Jan 20)
    - Re: Re: January 15 is Personal Firewall Day, help the cause Mary Landesman (Jan 16)
    - Re: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 16)
    - Re: Re: January 15 is Personal Firewall Day, help the cause jan . muenther (Jan 16)
    - Re: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 16)
    - RE: Re: January 15 is Personal Firewall Day, help the cause Bill Royds (Jan 16)
    - RE: Re: January 15 is Personal Firewall Day, help the cause Erik van Straten (Jan 17)
    - Re: Re: January 15 is Personal Firewall Day, help the cause jan . muenther (Jan 17)

(Thread continues...)