> -----Original Message-----
> From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of Jack Woehr
> Sent: Monday, October 26, 2009 11:06 AM
> To: LINUX-390@VM.MARIST.EDU
> Subject: Re: ldd arbitrary code execution - good coders code, great reuse
>
> McKown, John wrote:
> > This is a scary article. I don't have a Linux on z system to test it out on.
> >
> > http://www.catonmat.net/blog/ldd-arbitrary-code-execution/
> >
>
> Oh, jeez, guys.
>
> This is a kid's trick. The victim has to be stupid enough to execute ldd against
> a binary in the scamming user's write permission domain. And it doesn't run
> as root when it runs, just as the moron who executed this idiotic command,
>
> ldd ~jwoehr/hacks/bogus_binary
>
> ? Keep users who would do such things out of shell access. Let 'em use the
> web interface you provide them instead, it's safer that way.
>
> --
> Jack J. Woehr # <'I know what "it" means well
Problem is, I've known such. And, to be brutally honest, I could have been caught myself simply due to ignorance about how/what "ldd" works. I'm z/OS internals oriented, not Linux internals. So "well known" Linux/UNIX hacks like this could be run against me. Likely what I need is to take some good (expensive?) courses as I have in my years with z/OS and predecessors.

--
John McKown
Systems Engineer IV
IT Administrative Services Group
HealthMarkets(r)
9151 Boulevard 26 * N. Richland Hills * TX 76010
(817) 255-3225 phone * (817)-961-6183 cell
john.mck...@healthmarkets.com * www.HealthMarkets.com
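Added example, not part of the thread above. The hazard both messages circle around is that glibc's ldd is a shell script that ends up executing the binary's own dynamic loader (the path stored in the ELF PT_INTERP program header) with LD_TRACE_LOADED_OBJECTS set, so a binary whose PT_INTERP names a loader under another user's control gets that loader run with the privileges of whoever typed ldd. The defender's check is to read PT_INTERP without executing anything and refuse to ldd a file whose interpreter is not one of the system's own loaders. The script below is a small ELF32/ELF64 program-header parser that does that; the trusted-loader set is an assumed sample (on a real host take it from the RTLDLIST= line of the ldd script itself), and build_sample_elf constructs fake, non-executable ELF images purely so the check can be exercised offline.

```python
import struct

PT_INTERP = 3

# Assumed sample of system loaders (x86-64, i386, s390x, 31-bit s390).
# On a real host, take the list from the RTLDLIST= line of /usr/bin/ldd.
TRUSTED_LOADERS = frozenset({
    "/lib64/ld-linux-x86-64.so.2",
    "/lib/ld-linux.so.2",
    "/lib/ld64.so.1",
    "/lib/ld.so.1",
})


def elf_interpreter(data: bytes):
    """Return the PT_INTERP path of an ELF image, or None if it has none.

    Pure byte parsing: unlike ldd, nothing in the file is executed.
    """
    if len(data) < 0x34 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    ei_class, ei_data = data[4], data[5]          # 1/2 = ELF32/ELF64, 1/2 = LSB/MSB
    end = {1: "<", 2: ">"}.get(ei_data)
    if end is None:
        raise ValueError("unknown ELF data encoding")
    if ei_class == 2:
        if len(data) < 0x40:
            raise ValueError("truncated ELF64 header")
        (e_phoff,) = struct.unpack_from(end + "Q", data, 0x20)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x36)
        # Elf64_Phdr: p_type, p_flags, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_align
        phdr_fmt, off_idx, size_idx = end + "IIQQQQQQ", 2, 5
    elif ei_class == 1:
        (e_phoff,) = struct.unpack_from(end + "I", data, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 0x2A)
        # Elf32_Phdr: p_type, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_flags, p_align
        phdr_fmt, off_idx, size_idx = end + "IIIIIIII", 1, 4
    else:
        raise ValueError("unknown ELF class")
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + struct.calcsize(phdr_fmt) > len(data):
            raise ValueError("truncated program header table")
        fields = struct.unpack_from(phdr_fmt, data, off)
        if fields[0] != PT_INTERP:
            continue
        p_offset, p_filesz = fields[off_idx], fields[size_idx]
        if p_offset + p_filesz > len(data):
            raise ValueError("PT_INTERP segment lies outside the file")
        return data[p_offset:p_offset + p_filesz].rstrip(b"\0").decode("ascii", "replace")
    return None


def check_before_ldd(data: bytes, trusted=TRUSTED_LOADERS):
    """Return (safe, reason). safe=False means: do not run ldd on this file;
    inspect it with objdump -p / readelf -d instead, which only read it."""
    interp = elf_interpreter(data)
    if interp is None:
        return True, "no PT_INTERP: statically linked, ldd only reports 'not a dynamic executable'"
    if interp in trusted:
        return True, f"interpreter {interp} is a system loader"
    return False, f"interpreter {interp} is not a system loader; ldd would execute it"


def build_sample_elf(interp, elf64=True, big_endian=False) -> bytes:
    """Constructed test image: ELF header + (optionally) one PT_INTERP program header
    + the path string. Not a runnable executable; it only exists to exercise the parser."""
    end = ">" if big_endian else "<"
    path = b"" if interp is None else interp.encode() + b"\0"
    phnum = 0 if interp is None else 1
    data_enc = 2 if big_endian else 1
    if elf64:
        ident = b"\x7fELF" + bytes([2, data_enc, 1, 0]) + b"\0" * 8
        ehdr = struct.pack(end + "HHIQQQIHHHHHH", 2, 0, 1, 0, 64, 0, 0, 64, 56, phnum, 0, 0, 0)
        phdr = struct.pack(end + "IIQQQQQQ", PT_INTERP, 4, 120, 0, 0, len(path), len(path), 1)
    else:
        ident = b"\x7fELF" + bytes([1, data_enc, 1, 0]) + b"\0" * 8
        ehdr = struct.pack(end + "HHIIIIIHHHHHH", 2, 0, 1, 0, 52, 0, 0, 52, 32, phnum, 0, 0, 0)
        phdr = struct.pack(end + "IIIIIIII", PT_INTERP, 84, 0, 0, len(path), len(path), 4, 1)
    return ident + ehdr + (phdr if phnum else b"") + path


if __name__ == "__main__":
    samples = [
        ("x86-64 binary with the system loader", build_sample_elf("/lib64/ld-linux-x86-64.so.2")),
        ("31-bit s390 binary (big-endian ELF32)", build_sample_elf("/lib/ld.so.1", elf64=False, big_endian=True)),
        ("statically linked binary", build_sample_elf(None)),
        ("binary naming a user-owned loader", build_sample_elf("/home/someuser/hacks/ld.so")),
    ]
    for label, img in samples:
        safe, why = check_before_ldd(img)
        print(f"{'OK  ' if safe else 'STOP'} {label}: {why}")
```

To check a real file, read it as bytes and pass it to check_before_ldd; the same PT_INTERP value is what readelf -l prints in its "Requesting program interpreter" line. The check covers the interpreter vector the linked article describes; for any binary you do not trust, the ldd(1) man page's own advice still applies: list dependencies with objdump -p (or readelf -d) rather than ldd, since those tools never execute the file.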