Vulnerability Development mailing list archives
RE: /lib/ld-2.2.4.so
From: "Tech Support" <tech () chilitech net>
Date: Wed, 24 Apr 2002 22:18:12 -0400
Even if /home isn't mounted as noexec you can still prevent it if you do it right: [support@shell matth]$ telnet bash: /usr/bin/telnet: Permission denied [support@shell matth]$ ls -l /usr/bin/telnet -rwxr-x--- 1 root outgoing 62304 Apr 15 1999 /usr/bin/telnet [support@shell matth]$ cp /usr/bin/telnet ~/ cp: /usr/bin/telnet: Permission denied This is because the user "support" is not in the group "outgoing" hence they can't do ANYTHING to that file. ~ Matt -----Original Message----- From: FozZy [mailto:fozzy () dmpfrance com] Sent: Wednesday, April 24, 2002 5:12 PM To: Olaf Kirch Cc: draven () UBBCluj Ro; vuln-dev () securityfocus com; focus-linux () securityfocus com Subject: Re: /lib/ld-2.2.4.so
You can't fix it. You can always do cp file-with-mode-444-perms ./foobar chmod +x foobar ./foobar
Well, not "always". I used to be on a system where home partitions, /tmp, and any place where you can write something, were mounted as noexec. There was also no compiler, etc. But, with this trick a cracker could upload his favorite binary exploit and easily run it. FozZy
Current thread:
- Re: /lib/ld-2.2.4.so, (continued)
- Re: /lib/ld-2.2.4.so Olaf Kirch (Apr 24)
- Re: /lib/ld-2.2.4.so Bill Weiss (Apr 24)
- Re: /lib/ld-2.2.4.so Kurt Seifried (Apr 25)
- Re: /lib/ld-2.2.4.so Robert A. Seace (Apr 25)
- nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Anibal Ambertin (Apr 26)
- Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) c0n (Apr 26)
- Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Bill Weiss (Apr 26)
- Re: nobody suid shell (kind of relationship with the ld-2.2.4 thread...) Jim Nanney (Apr 26)
- Re: /lib/ld-2.2.4.so Bill Weiss (Apr 24)
- Re: /lib/ld-2.2.4.so Florian Weimer (Apr 26)
- Re: /lib/ld-2.2.4.so Olaf Kirch (Apr 24)
- Re: /lib/ld-2.2.4.so FozZy (Apr 24)
- RE: /lib/ld-2.2.4.so Tech Support (Apr 25)
- Re: /lib/ld-2.2.4.so SpaceWalker (Apr 26)
- Re: /lib/ld-2.2.4.so Michal Zalewski (Apr 25)
- Re: /lib/ld-2.2.4.so Olaf Kirch (Apr 25)
- Re: /lib/ld-2.2.4.so Dmitry Alyabyev (Apr 25)