None of the files in /bin/ are executable on my Gentoo system. Should I file a Gentoo bug for that? - Grant
Should they be installed executable? I used update.sh recently and had to make it executable first.
- Grant
That is a standard security measure in many packages such as this, don't have anything executable unless it is necessary. If you need to run those scripts, make them executable
why?
bash /path/script.sh works
but it does not work for standard exploits which mostly rely on script is executeable by a direct call and most exploit does not try to handle noexec-mounts and call the interpreter with the script as argument and in many cases it's simply impossible to call it this way because you don't have the full shell for your exploit - so they fail
Does the Roundcube process that checks your installation from a browser (can't remember the name) require one of these scripts to be made executable?
On 09/20/2013 08:52 AM, Grant wrote:
Does the Roundcube process that checks your installation from a browser (can't remember the name) require one of these scripts to be made executable?
Installer indeed requires updatedb.sh script to be executable.
I think we could execute scripts via php (adding "php " prefix to command line). I'm not sure this would be good solution.