[rsbac] can't permit execute with FF for "power users"
boldi at datacontact.hu
Mon Sep 25 14:45:43 CEST 2006
> Power user:
> pingtomi at pingtomi:/tmp$ sh x.sh
> total 64
> -rw------- 1 root root 625 2006-09-25 06:25 file2Go3kb
> -rw------- 1 root root 626 2006-09-24 06:25 fileDZCLR0
doing 'sh' is interpreting a text file as a script. It is not executing
the script. Of course, you can sh x.sh even if x.sh does not have
And yes, there might be possible ways to bypass security measures with
tricks like that for non-script files also.
More information about the rsbac