
My apologies for the delay, Joe, I was on vacation. Now that I'm home, I gave this a try but at least on my machine writing to /dev/shm/ works as I remembered, even with --read-only:

    $ docker run --read-only -ti ubuntu bash
    root@3dfdab770505:/# echo "bar" > /dev/shm/foo
    root@3dfdab770505:/# cat /dev/shm/foo
    bar
So, again, couldn't you just write your binary to /dev/shm and execute it?


It is fairly common to have noexec on /dev/shm; filesystem configurations are always up to the admin so they could feasibly set anything.


Thanks for reminding me of noexec; I'm no Linux security expert by any means, so I was merely trying to figure out what's possible and what's not.

It looks like mounting /dev/shm with noexec is not that common, though, is it? See e.g.

https://unix.stackexchange.com/questions/670362/mounting-dev...

More generally, it regularly blows my mind how hard it is to harden a Linux installation, and how many pitfalls and caveats there are.
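A defender's check for the gap the thread discusses, added here as an example and not taken from any comment above: it parses /proc/mounts-style lines (the sample table is constructed) and lists writable mounts that lack noexec, which is what an admin would audit before relying on --read-only. The docker run flags in the closing comment are the standard --tmpfs syntax.

```shell
#!/bin/sh
# Added example, not from the thread: audit a mount table for writable
# mounts without noexec (the /dev/shm case the comments talk about).
# Input is /proc/mounts format; SAMPLE_MOUNTS is a constructed table.

SAMPLE_MOUNTS='overlay / overlay ro,relatime,lowerdir=/x 0 0
shm /dev/shm tmpfs rw,nosuid,nodev,noexec,relatime,size=65536k 0 0
tmpfs /tmp tmpfs rw,relatime 0 0'

# mount_opts <mounts-text> <mountpoint>: print the option field for a mountpoint
mount_opts() {
    printf '%s\n' "$1" | awk -v mp="$2" '$2 == mp { print $4; exit }'
}

# has_opt <opts> <opt>: succeed if the comma-separated opts contain opt exactly
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# writable_exec_mounts <mounts-text>: print mountpoints that are rw and lack noexec
writable_exec_mounts() {
    printf '%s\n' "$1" | while read -r _dev mp _fs opts _rest; do
        [ -n "$mp" ] || continue
        if has_opt "$opts" rw && ! has_opt "$opts" noexec; then
            printf '%s\n' "$mp"
        fi
    done
}

# Typical use inside a running container:
#   writable_exec_mounts "$(cat /proc/mounts)"
# To close the gap for /dev/shm at launch time, give it its own noexec tmpfs:
#   docker run --read-only --tmpfs /dev/shm:rw,noexec,nosuid,nodev,size=64m ubuntu
```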
