From: suporte@wahtec.com.br
To: freebsd-security@freebsd.org
Date: Sat, 24 Sep 2005 20:33:14 +0000
Subject: Re: mounting filesystems with "noexec"
In-Reply-To: <20050924120107.11A8416A424@hub.freebsd.org>
Message-Id: <200509242033.15931.suporte@wahtec.com.br>

> > On 2005.09.23 22:55:56 +0100, markzero wrote:
> > With all that has been said so far, what is the actual point of
> > the noexec flag?
> >
> From mount(8) (yes I like quoting the docs. when we have them ;);) ):
>
>         This option is useful for a server that has file systems
>         containing binaries for architectures other than its own.

Sorry Simon and others,

Where has the least privilege principle gone? If there isn't any necessity to have
normal or suid binaries on a partition, why enable it?

Using it on a data-only partition with a chrooted application does not limit
any possible damage? Like file upload and execution using an application
security flaw could be stopped at some point.

Saying one can easily do privilege escalation (like ppl are saying) doesn't
eliminate the need for file permissions and other access policies.

Regards,

--aristeu
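
An added example, not part of the original message: a small sh function that reads fstab(5)-format lines and reports which operator-designated data-only mount points lack `noexec` or `nosuid`, the least-privilege check the message argues for. The function names, the sample fstab and the mount point paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit fstab(5)-format input for data-only mount points
# that are not mounted noexec,nosuid. Names and paths are hypothetical.

# audit_fstab "<space-separated data-only mount points>" < fstab-format input
audit_fstab() {
    awk -v data="$1" '
    BEGIN { n = split(data, d, " "); for (i = 1; i <= n; i++) want[d[i]] = 1 }
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    NF >= 4 && ($2 in want) {               # fields: device mountpoint fstype options
        seen[$2] = 1
        ne = 0; ns = 0
        m = split($4, o, ",")
        for (i = 1; i <= m; i++) {
            if (o[i] == "noexec") ne = 1
            if (o[i] == "nosuid") ns = 1
        }
        miss = ""
        if (!ne) miss = "noexec"
        if (!ns) miss = (miss == "" ? "nosuid" : miss ",nosuid")
        if (miss != "") print $2 " missing:" miss
    }
    # A listed mount point with no entry is not a separate file system,
    # so it inherits the flags of its parent mount and needs a manual look.
    END { for (p in want) if (!(p in seen)) print p " not-in-fstab" }
    '
}

# Constructed sample input (not taken from any real host).
sample_fstab() {
    cat <<'EOF'
# Device        Mountpoint              FStype  Options             Dump Pass#
/dev/ad0s1a     /                       ufs     rw                  1    1
/dev/ad0s1e     /tmp                    ufs     rw,noexec,nosuid    2    2
/dev/ad0s1f     /usr/chroot/app/data    ufs     rw,nosuid           2    2
/dev/ad0s1g     /usr/chroot/app/upload  ufs     rw                  2    2
EOF
}

sample_fstab | audit_fstab "/tmp /usr/chroot/app/data /usr/chroot/app/upload"
```

On FreeBSD, `mount -p` prints the currently mounted file systems in fstab(5) format, so piping it into `audit_fstab` checks the effective flags rather than the configured ones.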