Subject: Re: chroot jail for ftpd
To: Perry E. Metzger <firstname.lastname@example.org>
From: gabriel rosenkoetter <email@example.com>
Date: 10/18/2001 14:00:43
Content-Type: text/plain; charset=us-ascii
On Wed, Oct 17, 2001 at 10:12:21PM -0400, Perry E. Metzger wrote:
> So we tell people with giant large letters to chmod +x /usr/lib/lib*so.*
> and be done with it. Better than leaving this go forever.
How does this handle file systems mounted noexec (I would hope no
one thinks they can get away with this on /*/lib/, but you never
How about shared libraries the user builds themselves, perhaps not
software they wrote but using a third party Makefile that doesn't
include the correct permissions in its install rule? "Don't build
your own software," is a pretty lame response to these people...
If your point is that users should get a clue, I'm with you, but
what are the chances?
I've got a feeling that the problem we really want to fix is shared
libs on noexec filesystems, not shared libs minus the execute bit
in the file system...
~ g r @ eclipsed.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see http://www.gnupg.org
-----END PGP SIGNATURE-----