Users able to execute windows .exe though execute bit not set
Richard Sharpe
rsharpe at richardsharpe.com
Tue Apr 1 18:58:21 GMT 2003
On Tue, 1 Apr 2003, Jim McDonough wrote:
> >Hmmm, I did some testing a week or so ago, and found that removing the
> >execute permission from ACLs on the file (esp inherited ones) prevents
> >Win2K from executing the file, although it does open the file for read
> >first.
> Doesn't happen for me. It lets me execute a file for which I only have
> read access...
Right, but I was testing Win2K against NT. I know that we will fail this
test, as discussed on IRC because the POSIX open call does not allow you
to specify O_EXEC ... so I will need to do other checks here. However,
since our NFS code needs to check for X access, I can probably piggy back
on this with an IOCTL. UGLY.
We should probably have a torture test for this.
Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
More information about the samba-technical
mailing list