[CentOS] Serious attack vector on pkcheck ignored by Red Hat

Wed Feb 15 19:29:48 UTC 2017
Chris Adams <linux at cmadams.net>

Once upon a time, Valeri Galtsev <galtsev at kicp.uchicago.edu> said:
> Indeed, perl and often python are installed on most of the servers I run.
> Not considering myself a security expert, I would like to ask: could you
> point to some elevation of privileges exploit written in perl or python?
> All I've seen were C/C++, but again I'm just a humble sysadmin.

That wasn't the point; the point was that users can only run system
binaries so they can only do what is "permitted".  I don't know about
python, but perl can make arbitrary kernel system calls (even if they
aren't actually supported by perl), so having perl installed allows
users to do anything a compiled program can do.  Trying to control what
users can do by mounting "noexec" is not particularly limiting, at least
to somebody determined.

So it may be harder/more cumbersome/etc., but I believe that you could
write exploits in perl or python; it just isn't commonly done in
examples because of the extra work (it's also probably harder to read).

-- 
Chris Adams <linux at cmadams.net>
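
[Added example, not part of the original message.] A small model of the noexec point made above, for auditing a host: noexec is checked against the file handed to execve(), so a script on a noexec mount is refused when run directly but not when it is passed as an argument to an interpreter that lives on an exec-permitted mount. The mount table is a constructed sample and the paths (/usr/bin/perl, /tmp/x.pl, /home/u/bin/perl) are hypothetical.

```python
import os

# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda2 /home ext4 rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev,noexec 0 0
"""

def parse_mounts(text):
    """Return {mount_point: set(options)} from /proc/mounts-style text."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            mounts[fields[1]] = set(fields[3].split(","))
    return mounts

def mount_for(path, mounts):
    """Longest mount point that is a path-component prefix of `path`."""
    path = os.path.normpath(path)
    best = None
    for mp in mounts:
        if path == mp or path.startswith(mp.rstrip("/") + "/"):
            if best is None or len(mp) > len(best):
                best = mp
    return best

def noexec_blocks(argv, mounts):
    """True if noexec would refuse execve() of argv[0].

    Only argv[0] is looked up: files named in later arguments are just
    data that the already-running interpreter opens and reads.
    """
    mp = mount_for(argv[0], mounts)
    return mp is not None and "noexec" in mounts[mp]

def audit(interpreters, mounts):
    """Interpreters on exec-permitted mounts; each one can run code
    read from a noexec mount, so noexec alone does not confine users."""
    return sorted(i for i in interpreters if not noexec_blocks([i], mounts))

if __name__ == "__main__":
    m = parse_mounts(SAMPLE_MOUNTS)
    print("direct exec of /tmp/x.pl blocked:", noexec_blocks(["/tmp/x.pl"], m))
    print("perl /tmp/x.pl blocked:", noexec_blocks(["/usr/bin/perl", "/tmp/x.pl"], m))
    print("interpreters that sidestep noexec:", audit(["/usr/bin/perl", "/usr/bin/python"], m))
```

On a real system, feed parse_mounts() the contents of /proc/mounts and pass audit() the interpreter paths actually installed.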