lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: martin.macok at underground.cz (Martin Mačok)
Subject: linux noexec (Re: January 15 is Personal Firewall Day)

On Mon, Jan 19, 2004 at 06:46:40PM -0500, Valdis.Kletnieks@...edu wrote:

> On Mon, 19 Jan 2004 20:02:19 +0100, Michal Zalewski said:
> 
> > How is it an issue? I think it is a feature - it is noexec that is
> > pretty badly broken by design, and nearly impossible to render
> > secure...
> 
> In what way is it "badly broken"?

Flagging the file to be an executable or not does not guarantee that
no one will ever read and execute the instructions written in the file.

-- 
         Martin Ma?ok                 http://underground.cz/
   martin.macok@...erground.cz        http://Xtrmntr.org/ORBman/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ