In article <20000211224200.F223@bug.ucw.cz>,
Pavel Machek <pavel@suse.cz> wrote:
> Sorry, disabling exec is security by obscurity (it will deter 95%
> attacks, still!). You can do exec without actually invoking exec [...]
I have to disagree on one minor point: to my knowledge, you can't simulate
the behavior of exec-ing a setuid/setgid binary from user-space without
calling exec(2).
This may be relevant for some sites, as it prevents, e.g., a compromise
of a CGI running as nobody from allowing the user to trivially gain root
access by exploiting a hole in some setuid program. (Typically in Linux,
and most other Unices I've seen, once you've gotten access to any user
on the system, it is not too hard to get root access; disabling exec(2)
offers some hope of improving this unpleasant situation.)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Feb 23 2000 - 21:00:25 EST