Re: /lib/ld-2.2.4.so

From: Bill Weiss (houdini@nmt.edu)
Date: 04/25/02 

Date: Wed, 24 Apr 2002 16:02:36 -0600
From: Bill Weiss <houdini@nmt.edu>
To: vuln-dev@securityfocus.com, focus-linux@securityfocus.com

Olaf Kirch(okir@caldera.de)@Tue, Apr 23, 2002 at 09:27:53AM +0200:
> On Mon, Apr 22, 2002 at 09:43:32AM +0300, Sabau Daniel wrote:
> > boxes and i've been succesfull, please if anyone know how to eliminate
> > this hole in my security give me a replay. If i try to change the mode on
>
> You can't fix it. You can always do
>
> cp file-with-mode-444-perms ./foobar
> chmod +x foobar
> ./foobar
>
> Unix file permission bits aren't really orthogonal, especially r and x.
> Even though it may give some admins a deep feeling of satisfaction,
> playing with the r and x bits accomplishes nothing in terms of security.
>
> Olaf
> --
> Olaf Kirch | Anyone who has had to work with X.509 has probably
> okir@caldera.de | experienced what can best be described as
> ------------------+ ISO water torture. -- Peter Gutmann

Oh? What about (as the original poster said) if you have user directories
mounted as noexec? tmp as well? Where would you copy the file to so it
could exec? 

-- 
Bill Weiss

Relevant Pages

  • Re: /lib/ld-2.2.4.so
    ... > boxes and i've been succesfull, please if anyone know how to eliminate ... > this hole in my security give me a replay. ... playing with the r and x bits accomplishes nothing in terms of security. ...
    (Vuln-Dev)
  • Re: Network Security
    ... In one of my first jobs, ... We closed the security hole ... >still needed to know who was the perpetrator, ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Back Doors (was: EXCP with a DEB)
    ... The first thing to do upon finding a security hole is to notify the vendor. ... IBM will generally understand the hole, and fix it within a reasonable time. ... Said someone else might use the security hole maliciously, ... Secrecy is only beneficial to security in limited circumstances, and certainly not with respect to vulnerability or reliability information. ...
    (bit.listserv.ibm-main)
  • Re: Potential hole in Ettercap 0.6.2
    ... I think the guidelines are pretty well outlined in the ... information should be posted to the VULN-DEV list: ... "Here's a script to exploit the hole.." ... potential security impact. ...
    (Vuln-Dev)
  • Re: Security Audit
    ... Subject: Security Audit ... that if you're conducting a "blind" external pen test, ... only addressing one hole on one server. ... at the patch levels on each one. ...
    (Pen-Test)