From: Bill Weiss (houdini nmt.edu)
Date: Wed Apr 24 2002 - 17:02:36 CDT

Olaf Kirch (okir caldera.de), Tue, Apr 23, 2002 at 09:27:53AM +0200:
> On Mon, Apr 22, 2002 at 09:43:32AM +0300, Sabau Daniel wrote:
> > boxes and I've been successful, please if anyone knows how to eliminate
> > this hole in my security give me a reply. If I try to change the mode on
>
> You can't fix it. You can always do
>
> cp file-with-mode-444-perms ./foobar
> chmod +x foobar
> ./foobar
>
> Unix file permission bits aren't really orthogonal, especially r and x.
> Even though it may give some admins a deep feeling of satisfaction,
> playing with the r and x bits accomplishes nothing in terms of security.
>
> Olaf
> --
> Olaf Kirch | Anyone who has had to work with X.509 has probably
> okir caldera.de | experienced what can best be described as
> ------------------+ ISO water torture. -- Peter Gutmann
Oh? What about (as the original poster said) if you have user directories
mounted as noexec? tmp as well? Where would you copy the file to so it
could exec?
-- Bill Weiss