Re: [PATCH] fexecve

To: Thor Lancelot Simon <tls%panix.com@localhost>
Subject: Re: [PATCH] fexecve
From: Eric Haszlakiewicz <erh%nimenees.com@localhost>
Date: Fri, 16 Nov 2012 11:31:20 -0600

On Thu, Nov 15, 2012 at 07:39:03PM -0500, Thor Lancelot Simon wrote:
> On Thu, Nov 15, 2012 at 05:18:04PM -0600, Eric Haszlakiewicz wrote:
> > 
> > Well setuid executables seem like a special case, but other than that, I
> > think I can probably manage to execute something without an exec call.
> > In fact I know I can, just by linking against any dynamic library and
> > calling one of the functions in it.
> 
> You can't load a dynamic library that's on a filesystem mounted noexec.

er... so the dynamic linker looks like it tries to mmap the file with execute
permissions, and that fails, but what's to prevent me from just reading the 
file into memory and jumping to that address?  I feel like I'm missing 
something here...

eric

Follow-Ups:
- Re: [PATCH] fexecve
  - From: Thor Lancelot Simon

References:
- Re: [PATCH] fexecve
  - From: Thor Lancelot Simon
- Re: [PATCH] fexecve
  - From: Julian Yon
- Re: [PATCH] fexecve
  - From: Thor Lancelot Simon
- Re: [PATCH] fexecve
  - From: Eric Haszlakiewicz
- Re: [PATCH] fexecve
  - From: Thor Lancelot Simon

Prev by Date: Re: [PATCH] fexecve
Next by Date: Re: [PATCH] fexecve
Previous by Thread: Re: [PATCH] fexecve
Next by Thread: Re: [PATCH] fexecve
Indexes:

Home | Main Index | Thread Index | Old Index