On 7/21/07, Mulyadi Santosa <mulyadi.santosa@xxxxxxxxx> wrote:
Hi... > [root@jaspion tmp]# su jorge > [jorge@jaspion tmp]$ ./prog > bash: ./prog: Permission Deny > [jorge@jaspion tmp]$ ls -la prog > -rwxr--r-- 1 root root 6648 2007-07-21 11:21 prog > [jorge@jaspion tmp]$ /lib/ld-linux.so.2 ./prog > huhu! o/ > [jorge@jaspion tmp]$ > > it's bug? or the "ld-linux" read the elf and execute? so, dynamic > linker/loader? That's correct behaviour. AFAIK, ld-linux.so could sometimes works as loader (as we all know), but it can be invoked as executable. In the latter case, you provide an ELF executable and it will run it. Summary: to make a binary un-executable for certain uid, you can't just do it by taking off its executable permission bits, but also takes the same bits from ld-linux.so.
But it is kind of lame , isn't it? I mean you get access to ld.so and bang you can execute a binary though you were not supposed to :-/. I guess thats just not justified. But may be *nixs have all inherited the KISS thing and may be this is why it is simple though it may be a little compromising fact. Just my 2 bucks. thanks
regards, Mulyadi -- To unsubscribe from this list: send an email with "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx Please read the FAQ at http://kernelnewbies.org/FAQ
-- play the game -- To unsubscribe from this list: send an email with "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx Please read the FAQ at http://kernelnewbies.org/FAQ
