Date: Fri, 23 Sep 2005 23:27:50 +0400 From: Vasiliy <security@gugol.ru> To: Borja Marcos <borjamar@sarenet.es> Cc: freebsd-security@freebsd.org Subject: Re: Mounting filesystems with "noexec" Message-ID: <43345736.3090602@gugol.ru> In-Reply-To: <726F1E71-D4D9-4C34-848D-868C1158834E@sarenet.es> References: <F02FC593-8F19-40D4-B1E7-63B78F1E5300@sarenet.es> <43332CD7.4070107@romab.com> <726F1E71-D4D9-4C34-848D-868C1158834E@sarenet.es>
next in thread | previous in thread | raw e-mail | index | archive | help
> That said, my point is this: the amount of damage you can do from a > "native" program is greater than the damage you can achieve from a > script language, afaik. This is not the case, unfortunately. There are already a lot of exploits written in Perl, Python. Just google for "perl exploit" or something similar. And this exploits are not like "construct proper GET request for another SQL injection", but complicated buffer-overflowing ones. Also exists some tutorials like this: http://community.core-sdi.com/~juliano/withperl.txt > At least a privilege escalation should be > harder to obtain. I'm not sure about some languages such as Perl, though. As was said above, perfoming privilege escalation in scripting languages is not harder than in C, for example. So, using "noexec" option for preventing malicious code from execution is not desirable. -- wbr, Vasiliy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43345736.3090602>