Alexander Viro <viro@math.psu.edu>:
> On Tue, 2 Oct 2001, Rob Landley wrote:
>
> > Anybody want to venture an opinion why overwriting executable files that are
> > currently in use gives you a "text file busy" error, but overwriting shared
> > libraries that are in use apparently works just fine (modulo a core dump if
> > you aren't subtle about your run-time patching)?
> >
> > Permissions are still enforced, but it seems to me somebody who cracks root
> > on a system could potentially modify the behavior of important system daemons
> > without changing their process ID numbers.
> >
> > Did I miss something somewhere?
>
> Somebody who cracks root can attach gdb to a daemon, modify the contents of
> its text segment and detach. No need to change any files...
True, but the original problem still appears to be a bug.
Even the owner of the file should not be able to write to a busy executable,
whether it is a shared library, or an executable image. Remove it, yes.
Create a new one (in a different inode) - yes.
But not modify a busy executable.
-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@navo.hpc.mil
Any opinions expressed are solely my own.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Oct 07 2001 - 21:00:26 EST