Date: Mon, 15 May 2017 15:37:42 -0400 From: Nikolai Lifanov <lifanov@FreeBSD.org> To: Alexey Dokuchaev <danfe@FreeBSD.org>, Konstantin Belousov <kostikbel@gmail.com> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Ian Lepore <ian@freebsd.org> Subject: Re: svn commit: r318313 - head/libexec/rtld-elf Message-ID: <c9f4d964-e530-c767-1031-de825bcbe38d@FreeBSD.org> In-Reply-To: <20170515193609.GC28684@FreeBSD.org> References: <201705151848.v4FImwMW070221@repo.freebsd.org> <20170515185236.GB1637@FreeBSD.org> <20170515190030.GG1622@kib.kiev.ua> <1494875335.59865.118.camel@freebsd.org> <20170515192529.GH1622@kib.kiev.ua> <20170515193609.GC28684@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--uOHMxvRmxjSE6aXADTnL36hrp0cTlkFVj
Content-Type: multipart/mixed; boundary="hoRJptTirN5Wea25lBaCMtmJ3ldXQq2ni";
protected-headers="v1"
From: Nikolai Lifanov <lifanov@FreeBSD.org>
To: Alexey Dokuchaev <danfe@FreeBSD.org>,
Konstantin Belousov <kostikbel@gmail.com>
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org,
src-committers@freebsd.org, Ian Lepore <ian@freebsd.org>
Message-ID: <c9f4d964-e530-c767-1031-de825bcbe38d@FreeBSD.org>
Subject: Re: svn commit: r318313 - head/libexec/rtld-elf
References: <201705151848.v4FImwMW070221@repo.freebsd.org>
<20170515185236.GB1637@FreeBSD.org> <20170515190030.GG1622@kib.kiev.ua>
<1494875335.59865.118.camel@freebsd.org> <20170515192529.GH1622@kib.kiev.ua>
<20170515193609.GC28684@FreeBSD.org>
In-Reply-To: <20170515193609.GC28684@FreeBSD.org>
--hoRJptTirN5Wea25lBaCMtmJ3ldXQq2ni
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
On 05/15/2017 15:36, Alexey Dokuchaev wrote:
> On Mon, May 15, 2017 at 10:25:29PM +0300, Konstantin Belousov wrote:
>> On Mon, May 15, 2017 at 01:08:55PM -0600, Ian Lepore wrote:
>>> Well, for example, it seems like it would allow anyone to execute a
>>> binary even if the sysadmin had set it to -x specifically to prevent
>>> people from running it.
>>
>> The direct mode does not (and cannot) honor set{u,g}id modes of the
>> executable, so any binary run this way would only exercise the existin=
g
>> power of the user which did it.
>>
>> The most advanced explanation that I was given in private was among
>> the lines: "if you have an environment where users can upload content
>> to a shared server, but have no access to chmod(2), no compilers, no
>> scripting languages, etc." The person then admitted that (s)he does no=
t
>> consider it as an actual concern.
>=20
> Would this now allow executing binaries (with or without +x bit) from
> filesystems mounted with -o noexec?
>=20
> ./danfe
No:
# zfs create -o mountpoint=3D/mnt -o exec=3Doff tank/TEST
# cp /bin/sh /mnt/
# /mnt/sh
/mnt/sh: Permission denied.
# /libexec/ld-elf.so.1 /mnt/sh
/mnt/sh: mmap of data failed: Permission denied
- Nikolai Lifanov
--hoRJptTirN5Wea25lBaCMtmJ3ldXQq2ni--
--uOHMxvRmxjSE6aXADTnL36hrp0cTlkFVj
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQKoBAEBCgCSFiEE5oT6TcuaWvG5gtjzZ6sv56ecR0UFAlkaA4ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEU2
ODRGQTREQ0I5QTVBRjFCOTgyRDhGMzY3QUIyRkU3QTc5QzQ3NDUUHGxpZmFub3ZA
ZnJlZWJzZC5vcmcACgkQZ6sv56ecR0U5phAAmRmHq9fmuJTe5tMECuYmixKCCnj6
kvNIU7kY2ZV4Um8UqISKEZHmpEDd8pJf288gkIGG06UPsrOwWWU/VJ8XIuF8bjii
pVV4SMzW2aY4P6qKf1COHc1oFuhkrdZj6R9FsxOqdpyRwRk+79/DOG/6YcWXAK4f
kb/4ylKnBbxPNmAWc96m6WD6n/b/Sn15ael4M80d/JJNMmzOik25AvUJIsCDVJFT
1jPmegEm2nh7hbiiqQSP86FbBbYy0+Z48imnsKyiw87V16/bu73jPRmJHnr7xnD/
nyElKNsJIfwKgRVcGEybCw1oKtT7jFikvUeJdVGmoLeS/LWAkp376Ll4LdHoqDIG
aqub7XshH4qglivxl2qmuUsjXhYLegY2x0LZzYQ218UCTXRvLs6uUcseTE9r/shi
NyEei3t68Cm1m7NZFJ1q9M5ceMcoa9QmseMEos6kX0A8SFK9ZCT1WBm1WxZAzyYG
rPfXBLNSFxTciQLPHoHoCZZu1vYClhtLg2lPpBsIVWX3s2kBlDdJgJDMA6yey//g
oUyWEmcRF3XkqMLNmCzH2CL7BcJ/IR9N3KF+ACY5IhMFhDzkO9ZUYNHlhcR9Dgsu
NjlHppkcmrqBN7PdHcA1dAfuW1YwYfBFkkOayEoj6PMVzyZklvoYKL8Z4mvTfvtg
LQAv3WBx8GMInyk=
=35s1
-----END PGP SIGNATURE-----
--uOHMxvRmxjSE6aXADTnL36hrp0cTlkFVj--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?c9f4d964-e530-c767-1031-de825bcbe38d>