Security question: "Text file busy" overwriting executables but not shared libraries?

From: Rob Landley (landley@trommello.org)
Date: Tue Oct 02 2001 - 21:55:02 EST


Anybody want to venture an opinion why overwriting executable files that are
currently in use gives you a "text file busy" error, but overwriting shared
libraries that are in use apparently works just fine (modulo a core dump if
you aren't subtle about your run-time patching)?

Permissions are still enforced, but it seems to me somebody who cracks root
on a system could potentially modify the behavior of important system daemons
without changing their process ID numbers.

Did I miss something somewhere?

Rob
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sun Oct 07 2001 - 21:00:25 EST