Subject: Re: chroot jail for ftpd
To: Perry E. Metzger <>
From: gabriel rosenkoetter <>
List: tech-kern
Date: 10/18/2001 14:00:43
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Oct 17, 2001 at 10:12:21PM -0400, Perry E. Metzger wrote:
> So we tell people with giant large letters to  chmod +x /usr/lib/lib*so.*
> and be done with it. Better than leaving this go forever.

How does this handle file systems mounted noexec (I would hope no
one thinks they can get away with this on /*/lib/, but you never

How about shared libraries the user builds themselves, perhaps not
software they wrote but using a third party Makefile that doesn't
include the correct permissions in its install rule? "Don't build
your own software," is a pretty lame response to these people...

If your point is that users should get a clue, I'm with you, but
what are the chances?

I've got a feeling that the problem we really want to fix is shared
libs on noexec filesystems, not shared libs minus the execute bit
in the file system...

       ~ g r @

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.0.6 (NetBSD)
Comment: For info see