Sabau Daniel schrieb am Mon, Apr 22, 2002 at 09:43:32AM +0300: > or: > lrwxrwxrwx 1 root root 11 Apr 15 12:01 /lib/ld-linux.so.2 > -> ld-2.2.4.so > > This file gives users the ability of running binaries on witch the > user doesn't have the permission to execute, it is enough to have read > ability on the file in order to execute it: > > -rwxr-xr-- 1 root root 45948 Aug 9 2001 /bin/ls > > but using the /lib/ld-2.2.4.so file i can execute the ls command: > > [08:51:36][draven@Zero:~]:$/lib/ld-2.2.4.so /bin/ls / > bin bzImage bzImage3 bzImage5 dev home lib mnt proc sbin > usr > boot bzImage2 bzImage4 bzImage6 etc initrd misc opt root tmp > var > > i do not have root preveleges on this account: > > [08:51:38][draven@Zero:~]:$id > uid=1000(draven) gid=10(wheel) groups=10(wheel),16(trust) I cannot reproduce this behaviour: # id uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) # ls -l /bin/ls -rwxr-x--- 2 root root 45948 Aug 9 2001 /bin/ls # exit $ id uid=500(birger) gid=500(birger) groups=500(birger) $ ls bash: /bin/ls: Permission denied $ /lib/ld-2.2.4.so /bin/ls /bin/ls: error while loading shared libraries: /bin/ls: cannot open shared object file: Permission denied $ uname -r 2.4.18 $ cat /etc/redhat-release Red Hat Linux release 7.2 (Enigma) So it has either something to do with the groups you're in (wheel?) or grsececurity is doing something weird to your kernel - or its both ;-) - which means, no, I don't have grsecurity in my kernel setup. And be sure /lib/ld-2.2.4.so has no "s" bit set somewhere, the default is 755. Regards, Birger
This archive was generated by hypermail 2b30 : Wed Apr 24 2002 - 14:39:29 PDT