'Re: /lib/ld-2.2.4.so'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vuln-dev
Subject:    Re: /lib/ld-2.2.4.so
From:       SpaceWalker <spacewalker () altern ! org>
Date:       2002-04-26 21:10:30
[Download RAW message or body]

So, it's not more hard to upload a staticaly linked version of the same telnet program on the box... I really think that when you give a shell to someone, you assume he'll be able to launch code, by thousands of ways.

On Wed, 24 Apr 2002 22:18:12 -0400
"Tech Support" <tech@chilitech.net> wrote:

> 
> Even if /home isn't mounted as noexec you can still prevent it if you do it
> right:
> [support@shell matth]$ telnet
> bash: /usr/bin/telnet: Permission denied
> [support@shell matth]$ ls -l /usr/bin/telnet
> -rwxr-x---   1 root     outgoing    62304 Apr 15  1999 /usr/bin/telnet
> [support@shell matth]$ cp /usr/bin/telnet ~/
> cp: /usr/bin/telnet: Permission denied
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic