Danail Petrov wrote:
[EMAIL PROTECTED]:/srv$ mount | grep srvGeorgi Chorbadzhiyski wrote:
Vasil Kolev wrote:
On ÐâÐâ, 2005-01-20 at 23:12 +0200, Nikola Antonov wrote:
On Thursday 20 January 2005 19:54, Peter Georgiev wrote:
ÐÑÐÐÐÑÐÒÐÐÐÑ.
ÐÑÐÂÐâ-ÐÐÐÂÐÐÐÑÐÐÐâÐÐÐÑ ÐÐРÐâРÐÑÐÐÐÑÐÂÐÑÐÂÐÑ ÐÑÐÐÐÂРÐÐÐÐÐÑÐÑÐÐ php ÐÑÐÐÐÂÐÐÐÑÐÑÐÑÐÐÐâ.
ÐÂÐÂÐâÐÑ ÐÐÐÐÐÑÐâÐÑÐÑ ÐÂÐÑÐÑÐÑÐÐÐÂ, ÐÑÐÑÐÂРÐÑ ÐÒРÐÑÐâÐÑÐÐÐÑÐÂÐâ ÐÐÐÂÐâÐÑ.
ÐÑРÐÑÐÐÐÐÐÐÐÑ ÐÐÐÐÐÂÐÑРÐÑÐÂÐÑÐÂÐÑÐÐÐÂÐâ ÐÑÐÂÐâÐÑÐÐÐÂÐâРÐÑÐâ ÐÑÐÐÐÂÐÂÐÂÐâРÐÒÐÑÐÑÐÂÐâÐÑ ÐÐÐÂ
ÐÐÐÑ ÐÑÐÂÐÐÐÐÐÐÐÑÐâ ÐÐÐÂÐÑÐÐÐÂÐÐÐÑ ÐÑÐÂÐÑÐÐÐÑ ÐÐРÐÑÐÑÐÐÐÂÐÂÐÂÐÐÐÑÐÐÐâРÐÑ ÐÑÐÂÐÑ ÐÒРÐÐÐÂ
ÐÂÐÑÐÐÐÑÐâ ÐÐ ÐâÐÐÐâ.
ÐÑÐÑÐÐÐÂÐâРÐÐÐÑÐâÐÑ ÐÑÐÑÐÐÐÑÐÐÐÂÐâÐÐÐÑ ÐÐРÐÑÐÑÐÑРÐÒРÐâÐÑ ÐÑÐÂÐÂÐÂ, ÐÑÐÐÐÐÐÂÐÐ
ÐÒРÐÐÐÑÐÒÐÂÐâÐâÐÐÐÂÐâ ÐÑÐÑ-ÐâÐÂÐÐÐâÐÑ.
ÐâÐÐÐÂÐÑ, ÐâРÐÐРÐâÐÑ ÐÑÐÑÐÑÐÂÐÑÐÂÐÑ, ÐÐÐÑ... ÐÑÐÂÐâÐÑ
Ðï ÐÑÐâРÐÂÐÒÐÑÐÐ ÐÐÐÐÐÐÐÂÐâ - ÐÑÐÑÐÐÐâÐÑÐÐÐÂÐâ /tmp ÐÐ noexec. ÐÑÐÂÐÑРÐÒÐÑÐÐÐÑ ÐÑ ÐÒРÐÑÐÐÐÑÐÂÐÑÐÐÐâ, ÐÐÐÐÐÑРÐÒРÐÑÐÑÐÑÐÂÐâ ÐÒРÐÑÐÂÐÑÐÐÐÂÐÐÐÐÐâ ÐÑÐÂÐÑÐÐÐÑÐâÐÑ ÐÑ ÐÒРÐÂÐÑÐÂÐÑ ÐÑÐâ ÐâÐÑÐÐРÐÑÐÐÐÐÐâÐÑ. ÐÑ ÐÐ /tmp ÐÐРÐÂÐÑ ÐâÐÐÐÐÐÂÐÐÐÂÐÂÐÑ ÐÒРÐÐРÐÒÐÂÐÐРÐÐРÐÐÐÂÐÂÐÐÐÑÐâРÐÒРÐÑÐÂÐÑÐÐÐÂÐÐÐÐÐÐÐÂÐâ ÐâÐÂÐâÐÂÐÑÐÐÐÂ.
/dev/vg2/tmp on /tmp type reiserfs (rw,noexec,nosuid,nodev,noatime)
ÐÑÐÂÐÑÐâÐÑ ÐÐРÐÑÐÂÐÂÐÐÐÂ, don't be afraid to be paranoid :)
ÐâÐÐÐÐÐÑРÐÑÐÂÐÂÐÐÐÑ-ÐÒÐÑÐÐÐâÐÐÐÑÐÐРÐÒÐÑÐÐÐÂÐÑÐâÐÑÐÐÐÑÐРРÐâÐÑÐÂÐÂÐÐÐÑ ÐÒРРÐÑÐÑÐÐÐâÐÑÐÐÐÂÐÐРnosuid,nodev ÐÑ
ÐÂÐÐÐÂÐÐÐâÐÑÐÂÐÂÐÐÐÑ noexec. ÐÑÐÂÐÑÐÂÐÐ ÐâÐÂ, noexec ÐÐÐÐÐÑРÐÒРÐÐÐÑÐÂÐÐÐÑ ÐÂÐÑÐÑ ÐÑÐÑÐÂÐâ ÐÑÐÐÐÐÐâÐÂÐÂÐÑÐÐÐÂÐÐ
perl ÐÑÐÂÐÑ python. ÐâРÐâÐÂÐÐÐâÐÑРÐÑÐÑÐÐРÐÐ 2.6 ÐâÐÐÐÑÐÑР/lib/ld.so program ÐÐÐÂ
ÐÐÐÂÐÂÐÑÐâÐÑ.
ÐÐÐÑÐÑÐÐÐÑÐ Ñ noexec ÑÑÑÐ ÐÑÐÐ ÐÐ ÐÐÐÐÐÐÐ ÐÑÐÐÐÐÐÐ Ð ÑÐÑÑÐÑ: result from `mount`:
/dev/hda3 on /web type reiserfs (rw,noexec,nosuid)
hosting:/web# echo 'echo test' > test.sh hosting:/web# chmod 755 test.sh hosting:/web# ./test.sh -su: ./test.sh: Permission denied hosting:/web# sh test.sh test hosting:/web#
ÐÐÐÑÐÐ ÐÐÐ ÑÐ ÑÐ ÐÐÐÑÐÑÐÐÐÐ ÐÑÐÐ phpBB , ÐÐÐÐ ÐÑÐ ÐÐÐ ÐÐÐÑÐÐÐÐÐÑÐ ÐÐÑÐ ÑÑÑÐÑÐ.
ÐÐÐÐÑÐÐÐ,
ÐÐÐÐÐÐ ÐÐÑÑÐÐ
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
/dev/mapper/vg0-srv on /srv type reiserfs (rw,noexec,nosuid,nodev)
[EMAIL PROTECTED]:/srv$ pwd
/srv
[EMAIL PROTECTED]:/srv$ ls
uname www
[EMAIL PROTECTED]:/srv$ ./uname -r
bash: ./uname: Permission denied
[EMAIL PROTECTED]:/srv$ /lib/ld-linux.so.2 ./uname -r
./uname: error while loading shared libraries: ./uname: failed to map segment from shared object: Operation not permitted
[EMAIL PROTECTED]:/srv$
pomaga, zashto da ne pomaga noexec, samo che tvoq primer e sus shell script.
ot man mount:
"noexec - Do not allow execution of any binaries on the mounted file system."
pozdravi, Georgi Alexandrov
P.S. nqmam vuzmojnost v momenta za kirilica :-)
============================================================================ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html ============================================================================
