No executables in /tmp
mike at halcrow.us
Wed Apr 5 11:57:55 MDT 2006
On Wed, Apr 05, 2006 at 11:08:18AM -0600, Von Fugal wrote:
> * justin gedge [Tue, 28 Mar 2006 at 09:32 -0700]
> > I know the #!/usr/bin/perl along w/ an executable file tells UNIX that
> > you need to run the /usr/bin/perl executable- is everything else in the
> > script passed to perl through STDIN, it can't be- there has to be some
> > other mechanism-
> Basically, the shell sees the #! and turns around and executes:
> <command after #!> <filename>
It's not the shell; it's actually the kernel that does that.
That's why you can assign types directly to scripts and have SE Linux
govern them, without any modification to the shell.
For more enlightenment on the subject, see ``man execve''. Or check
out some of the code and data structures in the kernel source,
indicating that the kernel is cognizant of the fact that there may be
an interpreter involved:
And a quick test of execve() (which does not involve the shell; it
goes through libc to make the syscall) confirms that you can ask the
kernel to execute a script directly.
Michael A. Halcrow
Security Software Engineer, IBM Linux Technology Center
GnuPG Fingerprint: 419C 5B1E 948A FA73 A54C 20F5 DB40 8531 6DCA 8769
When all is said and done, more usually gets said than done.
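The kernel-side handling Mike describes, shown here as an added example (it is neither code from the original thread nor the kernel's own source): the first function mirrors what Linux's binfmt_script handler makes of a "#!" line, the second builds the argv the interpreter actually receives, and main() writes a small constructed script and runs it with a bare execve() call so no shell is involved. Assumptions are labelled in the comments: Linux semantics (first line truncated to a fixed buffer, taken here as the older 128-byte BINPRM_BUF_SIZE; interpreter is the first token; the remainder is passed as a single argument; the script path replaces argv[0]), and the script text, temp path and argument values are constructed for the demo.

```c
/* Added example, not from the original thread: mirror the kernel's "#!"
 * handling (Linux binfmt_script) in user space, then run a script with a
 * direct execve() call so that no shell is involved at all. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/wait.h>

/* Assumed first-line limit: BINPRM_BUF_SIZE was 128 until Linux 5.1. */
#define SHEBANG_BUF 128

typedef struct {
    char interp[SHEBANG_BUF];   /* first token after "#!" */
    char arg[SHEBANG_BUF];      /* everything after it, passed as ONE argument */
    int  has_arg;
} shebang_t;

/* Parse a script's first line the way the kernel's load_script() does.
 * Returns 1 for a usable "#!" line, 0 where the kernel would fail with ENOEXEC. */
int parse_shebang(const char *first_line, shebang_t *out)
{
    char buf[SHEBANG_BUF], *p, *end; size_t len;
    memset(out, 0, sizeof *out);
    if (strncmp(first_line, "#!", 2) != 0)
        return 0;                                /* not a script at all */
    strncpy(buf, first_line, sizeof buf - 1);    /* kernel reads only this much */
    buf[sizeof buf - 1] = '\0';
    buf[strcspn(buf, "\n")] = '\0';              /* only the first line counts */
    len = strlen(buf);                           /* drop trailing blanks */
    while (len > 2 && (buf[len - 1] == ' ' || buf[len - 1] == '\t'))
        buf[--len] = '\0';
    p = buf + 2;                                 /* skip blanks after "#!" */
    while (*p == ' ' || *p == '\t') p++;
    if (*p == '\0')
        return 0;                                /* "#!" with no interpreter */
    end = p;                                     /* interpreter = first token */
    while (*end && *end != ' ' && *end != '\t') end++;
    snprintf(out->interp, sizeof out->interp, "%.*s", (int)(end - p), p);
    while (*end == ' ' || *end == '\t') end++;
    if (*end) {                                  /* remainder is NOT split on spaces */
        snprintf(out->arg, sizeof out->arg, "%s", end);
        out->has_arg = 1;
    }
    return 1;
}

/* Build the argv the kernel hands to the interpreter:
 *   interp [arg] <script path as given to execve> <caller's argv[1..]>
 * The caller's argv[0] is dropped. Returns the new argc, or -1 if out cannot
 * hold orig_argc + 3 pointers (including the terminating NULL). */
int build_interp_argv(const shebang_t *sb, const char *script_path,
                      int orig_argc, char *const orig_argv[],
                      const char **out, int out_cap)
{
    int n = 0, i;
    if (out_cap < orig_argc + 3)
        return -1;
    out[n++] = sb->interp;
    if (sb->has_arg)
        out[n++] = sb->arg;
    out[n++] = script_path;
    for (i = 1; i < orig_argc; i++)
        out[n++] = orig_argv[i];
    out[n] = NULL;
    return n;
}

int main(void)
{
    /* Constructed demo script, written to a temp file for this run only. */
    static const char script[] = "#!/bin/sh -e\necho \"ran as: $0 $*\"\n";
    char path[] = "/tmp/shebang-demo-XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0 || write(fd, script, sizeof script - 1) < 0 || fchmod(fd, 0755) < 0) {
        perror("prepare script");
        return 1;
    }
    close(fd);
    /* Show what the kernel will turn the "#!" line into for this execve(). */
    shebang_t sb;
    const char *kargv[8];
    char *const demo_argv[] = { path, "one", "two", NULL };
    if (parse_shebang(script, &sb) && build_interp_argv(&sb, path, 3, demo_argv, kargv, 8) > 0)
        for (int i = 0; kargv[i]; i++) printf("%s%s", kargv[i], kargv[i + 1] ? " " : "\n");
    /* Ask the kernel directly: libc issues the execve syscall, no shell. */
    pid_t pid = fork();
    if (pid == 0) {
        char *const envp[] = { "PATH=/usr/bin:/bin", NULL };
        execve(path, demo_argv, envp);
        perror("execve");     /* EACCES here is what a noexec /tmp looks like */
        _exit(127);
    }
    int status = 0;
    waitpid(pid, &status, 0);
    unlink(path);
    return WIFEXITED(status) ? WEXITSTATUS(status) : 1;
}
```

Build it with cc and run it: the first line of output is the argv the interpreter sees, the second is the script's own echo. The perror branch after execve() is the failure you get when the temp file sits on a filesystem mounted noexec; since the kernel, not the shell, performs the interpreter lookup, a shell-level rule cannot substitute for that mount option.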