No executables in /tmp
Jeff Schroeder
jeff at zingstudios.net
Mon Mar 27 15:28:31 MST 2006
Thanks for the confirmation, all... as I suspected, securing executables
(err, scripts) in the /tmp directory is non-trivial. However, I wonder
if something like this would work:
1) Move the main Perl executable from /usr/bin/perl to,
say, /usr/bin/perl-real.
2) Create a new file /usr/bin/perl that's a shell script:
#!/bin/bash
# Refuse to run if the argument list or the working directory starts with /tmp;
# otherwise hand everything through to the real interpreter.
if [ -z "`echo "$@" | grep ^/tmp`" ] && [ -z "`echo "$PWD" | grep ^/tmp`" ];
then /usr/bin/perl-real "$@"; fi
Basically this just takes the arguments to "perl blah blah" and checks
whether the first one begins with "/tmp", then also checks whether /tmp
is the current directory. It would prevent things like
perl /tmp/my-evil-script.pl
and
cd /tmp ; perl my-evil-script.pl
Although it wouldn't stop
cat /tmp/my-evil-script.pl | perl
or even
perl /./tmp/my-evil-script.pl
Of course, the whole intent of these shenanigans is to prevent automated
cracks from succeeding. The ones I've seen tend to save a file in /tmp
and then just run Perl against it. I think this would stop those guys
cold.
Any thoughts? Comments? Am I missing something obvious?
(Naturally I'm nervous about doing something like replacing the system
Perl command with a hack of a shell script...)
Thanks,
Jeff
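The wrapper's decision rule, written out as shell functions so the four invocations Jeff lists can be checked side by side. This is an added example, not code from the post: guard_naive reproduces the check as posted, and guard_canonical is my own variant (an assumption, not something the post proposes) that resolves the script's directory with cd/pwd before testing it, which folds "/./tmp" into "/tmp". Both take the working directory as an explicit first parameter so the cases can be exercised without changing directory. The functions only decide allow/block; the real wrapper would go on to run /usr/bin/perl-real.

```shell
#!/bin/sh
# Added example, not part of the original post. Each guard is called as
#   guard_xxx CWD ARG...
# and returns 0 (allow) or 1 (block). Nothing here executes Perl.

# The check as posted: does the argument string, or the working directory,
# begin with the literal prefix "/tmp"?
guard_naive() {
    cwd=$1; shift
    case "$*" in /tmp*) return 1 ;; esac
    case "$cwd" in /tmp*) return 1 ;; esac
    return 0
}

# Variant (my assumption): canonicalise the directory part of the first
# argument relative to CWD with a logical cd/pwd, so "." and ".." components
# disappear before the prefix test. A script fed on stdin still has no path
# to inspect, so it passes this guard too; that is the gap the post notes.
guard_canonical() {
    cwd=$1; shift
    if [ $# -gt 0 ]; then
        dir=$(cd "$cwd" 2>/dev/null && cd "$(dirname -- "$1")" 2>/dev/null && pwd) || dir=
        case "$dir" in /tmp|/tmp/*) return 1 ;; esac
    fi
    case "$(cd "$cwd" 2>/dev/null && pwd)" in /tmp|/tmp/*) return 1 ;; esac
    return 0
}

# report LABEL CWD ARG... : print the verdict of both guards for one invocation
report() {
    label=$1; shift
    if guard_naive "$@"; then n=allow; else n=block; fi
    if guard_canonical "$@"; then c=allow; else c=block; fi
    printf '%-36s naive=%s canonical=%s\n' "$label" "$n" "$c"
}

# The four invocations from the post (file names constructed, nothing is run).
report 'perl /tmp/my-evil-script.pl'       / /tmp/my-evil-script.pl
report 'cd /tmp ; perl my-evil-script.pl'  /tmp my-evil-script.pl
report 'cat /tmp/my-evil-script.pl | perl' /
report 'perl /./tmp/my-evil-script.pl'     / /./tmp/my-evil-script.pl
```

The first two cases are blocked by both guards, the stdin pipe passes both, and the "/./tmp" spelling passes the naive check but not the canonicalising one. Canonicalising with a logical cd/pwd only normalises dot components; it is not a substitute for deciding what may execute at a level below the interpreter.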