From: Hungerburg <pc...@my...> - 2012-02-09 10:50:08
On 2012-02-08 23:03, Adam Retter wrote:
>
> I just wrote a small bash script and a C program on my Macbook and
> compared the Unix permissions required to execute each, to check.
> The bash script requires both read and execute bits when executed as
> '$ ./hello.sh' and bash cmd requires execute, BUT only requires read
> when executed as '$ bash hello.sh', whilst bash cmd requires execute.
> The C program, only requires the execute bit to execute.

May I explore the unix model? I do not know every detail and simplify a lot...

First there is the shell, it wraps the kernel, you use it to operate the computer. If you enter "ls" at the prompt, it will interpret this as a command and will search PATH for a file that is called "ls". It will then find "/bin/ls", and if this is marked executable it will call the kernel to execute that.

The kernel, I suppose, now has to find out what kind of contents there are in the file. It will have to read the first N bytes or the first line and do its magic. If the signature matches a process image, it will call the linker to complete it, change its persona to the user's and hand over execution to it.

If the file starts with a hashbang #! the kernel will read the name of the interpreter from the line and execute that one, passing the file name as an argument. While the script is running, you will see in "ps" the interpreter and the script name. So "./hello.sh" is just a convenient shorthand for "/bin/sh hello.sh". One will understand why a user can only run scripts that she can read.

Only recently, there was this local exploit on Linux kernels, where the attacker would read some suid binary to determine return addresses of functions in order to overwrite them with shell code. Making the command NOT readable by the user proved insufficient to prevent the exploit, see http://blog.zx2c4.com/749 Update 3.

In eXist speak, the request servlet would map to the shell, the xquery servlet to the interpreter. A very clear analogy. Java'd be the native executable format. Is it like that? If so, it should not be lightly broken.

--
peter
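The header check described in the message above, as an added example that is not part of the original post or of eXist: a user-space Python model of how an exec chooses between a native image and a #! script, and the argv the interpreter ends up with. The names `resolve_exec` and `demo`, the 256-byte buffer and the sample files are assumptions constructed for illustration; passing the rest of the #! line as a single argument follows Linux.

```python
import os
import tempfile

ELF_MAGIC = b"\x7fELF"
BUF_SIZE = 256  # assumption: only a small fixed-size header is inspected


def resolve_exec(path):
    """Model the header check: return (kind, argv that actually gets run)."""
    with open(path, "rb") as f:
        head = f.read(BUF_SIZE)
    if head.startswith(ELF_MAGIC):
        return "native", [path]
    if head.startswith(b"#!"):
        line = head[2:].split(b"\n", 1)[0].strip()
        if not line:
            raise ValueError("hashbang line names no interpreter")
        parts = line.split(None, 1)
        argv = [parts[0].decode()]
        if len(parts) == 2:
            # Linux hands the rest of the line over as ONE argument
            argv.append(parts[1].decode())
        # The interpreter is started with the script's path and must open
        # it as the calling user, hence the read bit on scripts.
        argv.append(path)
        return "script", argv
    return "unknown", []


def demo():
    """Run the check over constructed sample files; keys are file names."""
    samples = {
        "hello.sh": b"#!/bin/sh\necho hello\n",
        "strict.sh": b"#! /bin/sh -e -u\necho hello\n",
        "hello": ELF_MAGIC + b"\x02\x01\x01" + b"\x00" * 57,  # fake ELF header
        "notes.txt": b"just text\n",
    }
    out = {}
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            p = os.path.join(d, name)
            with open(p, "wb") as f:
                f.write(data)
            kind, argv = resolve_exec(p)
            # replace the temp path with the bare name for stable output
            out[name] = (kind, [name if a == p else a for a in argv])
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

For `strict.sh` the interpreter receives `-e -u` as one argument, so options on a #! line are not split the way a shell would split them.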