Vulnerability Development mailing list archives
Re: /lib/ld-2.2.4.so
From: SpaceWalker <spacewalker () altern org>
Date: Fri, 26 Apr 2002 23:10:30 +0200
So, it's not more hard to upload a staticaly linked version of the same telnet program on the box... I really think that when you give a shell to someone, you assume he'll be able to launch code, by thousands of ways. On Wed, 24 Apr 2002 22:18:12 -0400 "Tech Support" <tech () chilitech net> wrote:
Even if /home isn't mounted as noexec you can still prevent it if you do it right: [support@shell matth]$ telnet bash: /usr/bin/telnet: Permission denied [support@shell matth]$ ls -l /usr/bin/telnet -rwxr-x--- 1 root outgoing 62304 Apr 15 1999 /usr/bin/telnet [support@shell matth]$ cp /usr/bin/telnet ~/ cp: /usr/bin/telnet: Permission denied
Current thread:
- Re: /lib/ld-2.2.4.so, (continued)
- Re: /lib/ld-2.2.4.so Bill Weiss (Apr 24)
- Re: /lib/ld-2.2.4.so Kurt Seifried (Apr 25)
- Re: /lib/ld-2.2.4.so Robert A. Seace (Apr 25)
- nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Anibal Ambertin (Apr 26)
- Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) c0n (Apr 26)
- Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Bill Weiss (Apr 26)
- Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Jim Nanney (Apr 26)
- Re: /lib/ld-2.2.4.so Bill Weiss (Apr 24)
- Re: /lib/ld-2.2.4.so Florian Weimer (Apr 26)
- Re: /lib/ld-2.2.4.so FozZy (Apr 24)
- RE: /lib/ld-2.2.4.so Tech Support (Apr 25)
- Re: /lib/ld-2.2.4.so SpaceWalker (Apr 26)
- Re: /lib/ld-2.2.4.so Michal Zalewski (Apr 25)
- Re: /lib/ld-2.2.4.so Olaf Kirch (Apr 25)
- Re: /lib/ld-2.2.4.so Dmitry Alyabyev (Apr 25)