On Mon, Nov 17, 2003, Ron Artstein wrote about "Re: [Haifux] SOLVED: Permission denied": > (By the way, is the noexec mount option used for anything other > than not allowing an executable file to run?)
No, this is exactly what noexec is for (as far as I know). Imagine that you are mounting some removable media that you don't trust, say a CD-ROM a friend gave you, or some co-worker's NFS'ed filesystem. Continue and imagine that you have the current directory in your path. Now, you 'cd' into the newly mounted system, run "ls", and presto - you run some fake "ls" from that untrusted directory! Ooops! The noexec option to mount prevents this from happening. Of course, it doesn't stop the user from jumping through hoops in order to run something from that filesystem (e.g., by copying the binary to his own directory and running it), but it prevents the "obvious" traps. -- Nadav Har'El | Wednesday, Nov 19 2003, 24 Heshvan 5764 [EMAIL PROTECTED] |----------------------------------------- Phone: +972-53-790466, ICQ 13349191 |Share your knowledge. It's a way to http://nadav.harel.org.il |achieve immortality. -------------------------------------------------------------------------- Haifa Linux Club Mailing List (http://www.haifux.org) To unsub send an empty message to [EMAIL PROTECTED]
