Re: Hi all, bug or design flaw?
From: Alan Cox
Date: Fri Jan 22 2010 - 06:28:19 EST
> (3) I tried to execute it with "./createdfile"
> [kehcho@kehcho] [/tmp]$ ./createdfile
> -bash: ./createdfile: /bin/bash: bad interpreter: Permission denied

The kernel noexec blocks execution of binaries from the file system. It's
not really a 'security' model so much as a useful historic way of
stopping people running wrong things by accident, and over NFS and the
like of stopping people trying to run binaries for the wrong machine.

> (4) I tried to execute it, but pass to bash ". /tmp/createdfile"
> [kehcho@tornadowt] [/tmp]$ . /tmp/createdfile
> It is a kernel bug or I just report another one?

Then bash loads the file and interprets the commands - not the kernel.
Data is data - there is no real distinction between "instructions" to
execute and "data files" in computing.

The "nosuid" bit is different. Only the kernel has the power to grant
suid status so while you could run a noexec program by hand loading it
you couldn't make it run setuid that way.
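
An added example, not part of the original message: a small audit of a mount table in /proc/mounts format that reports user-writable mounts missing nosuid or noexec, annotated with what each flag enforces according to the reply above. The sample table, the watched path list and all function names are assumptions made for illustration.

```python
import re

# Constructed sample in /proc/mounts format (device, mountpoint, fstype, options, dump, pass).
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,noexec,relatime 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0
server:/export /mnt/nfs\\040share nfs rw,noexec 0 0
/dev/sdb1 /media/usb vfat ro,nosuid,nodev,noexec 0 0
"""

# What each flag enforces, following the distinction drawn in the message above.
FLAG_NOTES = {
    "nosuid": "kernel ignores setuid/setgid bits; hand-loading cannot grant them",
    "noexec": "kernel refuses direct execution; interpreters still read the file as data",
}

def unescape(field):
    """/proc/mounts encodes space, tab, newline and backslash as \\ooo octal."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mounts(text):
    """Yield (mountpoint, fstype, set_of_options) for each well-formed line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or truncated lines
        yield unescape(fields[1]), fields[2], set(fields[3].split(","))

def audit(text, watched=("/tmp", "/dev/shm", "/mnt", "/media", "/home")):
    """Return {mountpoint: [missing flags]} for writable mounts under watched paths."""
    findings = {}
    for mountpoint, _fstype, opts in parse_mounts(text):
        if "rw" not in opts:
            continue  # read-only mount: users cannot place files there
        if not any(mountpoint == w or mountpoint.startswith(w + "/") for w in watched):
            continue
        missing = [flag for flag in FLAG_NOTES if flag not in opts]
        if missing:
            findings[mountpoint] = missing
    return findings

if __name__ == "__main__":
    for mp, missing in audit(SAMPLE_MOUNTS).items():
        for flag in missing:
            print(f"{mp}: missing {flag} ({FLAG_NOTES[flag]})")
```

To check a live system, pass the contents of /proc/mounts to `audit()` instead of the constructed sample.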