[prev in list] [next in list] [prev in thread] [next in thread]
List: vuln-dev
Subject: Re: /lib/ld-2.2.4.so
From: SpaceWalker <spacewalker () altern ! org>
Date: 2002-04-26 21:10:30
[Download RAW message or body]
So, it's not more hard to upload a staticaly linked version of the same telnet program on the box... I really think that when you give a shell to someone, you assume he'll be able to launch code, by thousands of ways.
On Wed, 24 Apr 2002 22:18:12 -0400
"Tech Support" <tech@chilitech.net> wrote:
>
> Even if /home isn't mounted as noexec you can still prevent it if you do it
> right:
> [support@shell matth]$ telnet
> bash: /usr/bin/telnet: Permission denied
> [support@shell matth]$ ls -l /usr/bin/telnet
> -rwxr-x--- 1 root outgoing 62304 Apr 15 1999 /usr/bin/telnet
> [support@shell matth]$ cp /usr/bin/telnet ~/
> cp: /usr/bin/telnet: Permission denied
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic