Re: exec on /usr/src?

From: Mateusz Guzik <mjguzik_at_gmail.com>
Date: Sun, 22 Sep 2013 21:29:20 +0200
On Sun, Sep 22, 2013 at 09:41:55AM -0600, Ian Lepore wrote:
> On Sun, 2013-09-22 at 09:37 -0500, Larry Rosenman wrote:
> > Is it intended that we need to set exec=on for /usr/src after the 
> > include/mk-osreldate.sh addition?
> > 
> > 
> 
> Are you saying you have /usr/src mounted with the noexec option and
> that's preventing the script from running?  The mount manpage says that
> you may still run scripts from a noexec mount, but maybe that's
> outdated.
> 

I'm pretty sure this it tries to say that if there is a script on a
noexec fs, you still can run it just like you did in your patch.

While such a way to "bypass" noexec for scripts seems obvious, I guess
it makes sense to document it so that noone does 'sh/python/perl foo'
and claims a vulnerability was discovered (it would be impossible to
"fix" this anyway).

-- 
Mateusz Guzik <mjguzik gmail.com>
Received on Sun Sep 22 2013 - 17:29:28 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:41 UTC