efficacy of mounting with noexec
Posted Jul 20, 2006 13:15 UTC (Thu) by sweikart
In reply to: The /proc vulnerability
Parent article: The /proc vulnerability
> The latter doesn't work in recent versions of glibc ...
It worked with ld-2.2.5.so (Red Hat Linux 7.3), but not ld-2.3.3.so (Fedora Core 2).
> ... but a determined attacker could build a modified ld.so that
> doesn't check noexec.
Which can be foiled in a chroot jail by mounting writable filing systems noexec.
to post comments)