|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Eric Rostetter (eric.rostetter
physics.utexas.edu)Date: Tue Apr 23 2002 - 09:12:43 CDT
Quoting Sabau Daniel <dravenUBBCluj.Ro>:
> This file gives users the ability of running binaries on witch the
> user doesn't have the permission to execute, it is enough to have read
> ability on the file in order to execute it:
>
> -rwxr-xr-- 1 root root 45948 Aug 9 2001 /bin/ls
>
> but using the /lib/ld-2.2.4.so file i can execute the ls command:
>
> [08:51:36][dravenZero:~]:$/lib/ld-2.2.4.so /bin/ls /
> bin bzImage bzImage3 bzImage5 dev home lib mnt proc sbin
> usr
> boot bzImage2 bzImage4 bzImage6 etc initrd misc opt root tmp
> var
This is a old, known issue. I've known about it for about 2 years, and
I'm sure others have known about it longer. It makes an appearance on
a mailing list about once a year.
I know of no solution though to all the problems this brings up.
-- Eric Rostetter eric.rostetterHey Rocky! Watch me pull a rabbit from my hat!
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]