On Saturday May 13, [email protected] wrote:
> >
> > Every Unix I've ever seen works this way. It'd be nice to have
> > unreadable executable scripts, but no one's ever done it.
>
> The solution would be to either stick bash in the kernel (YUCK!)
> or to have the kernel basically copy the read-only script to /tmp
> or somewhere else, set permissions to sane values and
> /bin/sh /tmp/foo.a12345.

... or open the script file (which the kernel has to do anyway),
attach it to some unused fd (e.g. fd3) and pass "/dev/fd/3" to the
interpreter rather than "/the/shell/script".
Then the interpreter doesn't need to be able to open the file for
read.

However it isn't clear that this is really a gain, as the person
running the script could use ptrace or similar to take a copy of the
script, thus bypassing the missing 'r' permission.
Mind you, with ptrace, it isn't too hard to get a copy of a normal
executable that is mode '111'....

The whole concept of having files that are executable but not readable
is completely broken - it gives the appearance of protection without
the reality.

NeilBrown