Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1030476AbWJCTFm (ORCPT ); Tue, 3 Oct 2006 15:05:42 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1030478AbWJCTFl (ORCPT ); Tue, 3 Oct 2006 15:05:41 -0400 Received: from mail.aknet.ru ([82.179.72.26]:2573 "EHLO mail.aknet.ru") by vger.kernel.org with ESMTP id S1030476AbWJCTFl (ORCPT ); Tue, 3 Oct 2006 15:05:41 -0400 Message-ID: <4522B4F9.8000301@aknet.ru> Date: Tue, 03 Oct 2006 23:07:37 +0400 From: Stas Sergeev User-Agent: Thunderbird 1.5.0.7 (X11/20060913) MIME-Version: 1.0 To: Arjan van de Ven Cc: Linux kernel , Alan Cox , Hugh Dickins , Ulrich Drepper , Valdis.Kletnieks@vt.edu Subject: Re: [patch] remove MNT_NOEXEC check for PROT_EXEC mmaps References: <45150CD7.4010708@aknet.ru> <451555CB.5010006@aknet.ru> <1159037913.24572.62.camel@localhost.localdomain> <45162BE5.2020100@aknet.ru> <1159106032.11049.12.camel@localhost.localdomain> <45169C0C.5010001@aknet.ru> <4516A8E3.4020100@redhat.com> <4516B2C8.4050202@aknet.ru> <4516B721.5070801@redhat.com> <45198395.4050008@aknet.ru> <1159396436.3086.51.camel@laptopd505.fenrus.org> <451E3C0C.10105@aknet.ru> <1159887682.2891.537.camel@laptopd505.fenrus.org> <45229A99.6060703@aknet.ru> <1159899820.2891.542.camel@laptopd505.fenrus.org> <4522AEA1.5060304@aknet.ru> <1159900934.2891.548.camel@laptopd505.fenrus.org> In-Reply-To: <1159900934.2891.548.camel@laptopd505.fenrus.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1091 Lines: 26 Hi. Arjan van de Ven wrote: > then don't put noexec on /dev/shm. That's obviously possible, but I'd feel safer having "noexec" on *every* user-writable partition. It used to work in the past - that way an attacker had no place to run his binary from. > ld.so fix is phony. Really; I can always put an "unfixed" ld.so there > and use it as user. See above. In the past it was possible to have "noexec" on *all* user-writable mounts, so you couldn't run your own ld.so that easily. Thats why I am reluctant to take the "if it hurts, just remove noexec" argument. And since you can run the scripts via binfmt-misc, I'd also do "chmod 'o-x' perl", so that the direct invocation of perl to not be possible for unwanted users. Or do not. At least the approach I propose, allows to do this, so the "script loader" problem can also be fixed that way. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/