On Tue, Jan 03, 2012 at 04:04:04PM +0100, Axel Beckert wrote: > Hi, > > Roger Leigh wrote: > [/tmp mounted noexec] > > > /run/shm (IIRC formerly /dev/shm) likely would be an > > > alternative option, too. > > > > No, it would not. This directory is reserved for the eglibc > > POSIX SHM/SEM interfaces. > > Thanks for this explanation. It's the first time I read or hear about > the purpose of this mountpoint although I wondered about its purpose > for years now. (But never actively tried to find out. :-)
shm_overview(7) has some background. It's not obvious it's in use because most users unlink their file as soon as it's created, giving the false impression it's empty! > Bastian Blank wrote: > > On Tue, Jan 03, 2012 at 10:05:46AM +0000, Roger Leigh wrote: > > > If you really need to use a filesystem mounted noexec, just run > > > the binary via /lib/ld.so (you'll need to get the real location > > > from e.g. ldd). Something like: > > > > The kernel does not allow executable mappings from noexec filesystems, > > so this does not work. > > > > | $ /lib64/ld-linux-x86-64.so.2 ./ls > > | ./ls: error while loading shared libraries: ./ls: failed to map segment > > from shared object: Operation not permitted > > Thanks for the comment. Cc'ing the relevant bug again, as this is > crucial information when I work on fixing the bug. > > Roger Leigh wrote: > > Or query for DT_INTERP directly and run that. > > Never heard of that before. Searching the web just found hits > indicating it seems part of the ELF header. No idea how to work with > it, though. Any hints? objdump would probably be the tool of choice. But if ld.so won't run programs on noexec filesystems, it's moot. Regards, Roger -- .''`. Roger Leigh : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ `- GPG Public Key: 0x25BFB848 Please GPG sign your mail. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120104112103.gc18...@codelibre.net
