|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: mmap(), security and /dev/zero
From: Alan Barrett (apb
cequrux.com)
Date: Thu Jun 24 2004 - 03:58:54 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 24 Jun 2004, Daniel Carosone wrote:
> If the shlib needed x bits in order to be executed, and the filesystem
> it was on was noexec, then the potential hole is closed.
So, at present, the situation is:
shlibs must be in files that have "r" permission.
Several people have proposed:
shlibs must be in files that have both "r" and "x" permission.
shlibs must be on file systems that honour "x" permission
(that is, were not mounted with the noexec option).
but several others have opposed it.
How does the following compromise sound?
shlibs must be in files that have "r" permission.
shlibs must be on file systems that honour "x" permission
(that is, were not mounted with the noexec option).
--apb (Alan Barrett)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]