Re^4: perl pre-execution hook

(note: the original post was changed significantly after my reply)

$ foo -bash: ./foo: /usr/bin/perl: bad interpreter: Permission denied
[download]

yes, but you can always say

$ /usr/bin/perl foo
[download]

(which would run without problem)

Comment on Re^4: perl pre-execution hook Select or Download Code

Replies are listed 'Best First'.
Re^5: perl pre-execution hook by ikegami (Patriarch) on Jan 04, 2011 at 20:27 UTC
Yeah, I've elaborated on that point while you were posting. yes, but you can always say But can the attacker? Again, it comes down to the threat model.	[reply]
Re^6: perl pre-execution hook by Anonyrnous Monk (Hermit) on Jan 04, 2011 at 20:39 UTC
But can the attacker? Why not? If the attacker can run `./foo`, s/he can almost certainly also run `/usr/bin/perl /tmp/foo`. Actually, it's more than likely that someone uploading something to `/tmp` (which can be expected to be mounted `noexec`) would try this in the first place...	[reply] [d/l] [select]
Re^7: perl pre-execution hook by ikegami (Patriarch) on Jan 04, 2011 at 21:25 UTC
he can almost certainly also run /usr/bin/perl /tmp/foo. No, it completely depends on the bug being exploited. You're approaching this from the point of view that the attacker can run arbitrary commands. If so, why are you ok with just protecting `perl`? I'm assuming the OP isn't silly, so that means he's trying to defend against some specific attack.	[reply] [d/l]
Re^8: perl pre-execution hook by Anonyrnous Monk (Hermit) on Jan 04, 2011 at 22:03 UTC
Re^9: perl pre-execution hook by ikegami (Patriarch) on Jan 04, 2011 at 22:19 UTC
Re^7: perl pre-execution hook by logix (Initiate) on Jan 04, 2011 at 20:51 UTC
And as i hinted below, executing "perl /tmp/whatever" actually happens alot. I did the no-exec thing years ago, but it doesnt solve the perl-bot problem.	[reply]