| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Jan 2010 11:30:21 +0000 From: Alan Cox <alan@...rguk.ukuu.org.uk> To: Stepan Chatalyan <kehcho@...il.com> Cc: linux-kernel@...r.kernel.org Subject: Re: Hi all, bug or design flaw? > (3) I tried to execut it with "./createdfile" > [kehcho@...cho] [/tmp]$ ./createdfile > -bash: ./createdfile: /bin/bash: bad interpreter: Permission denied The kernel noexec blocks execution of binaries from the file system. It's not really a 'security' model so much as a useful historic way of stopping people running wrong things by accident, and over NFS and the like of stopping people trying to run binaries for the wrong machine > (4) I tried to execute it, but pass to bash ". /tmp/createdfile" > > [kehcho@...nadowt] [/tmp]$ . /tmp/createdfile > Probe... > > It is a kernel bug or I just report a another one? Then bash loads the file and interprets the commands - not the kernel. Data is data - there is no real distinction between "instructions" to execute and "data files" in computing. The "nosuid" bit is different. Only the kernel has the power to grant suid status so while you could run a noexec program by hand loading it you couldn't make it run setuid that way. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists