Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Another IE trick (Re: IE sucks : sun java virtual machine insecure tmp file creation)
From: "Eric Paynter" <eric () arcticbears com>
Date: Fri, 9 Jul 2004 22:12:04 -0700 (PDT)

On Fri, July 9, 2004 5:40 pm, Nick FitzGerald said:
Somewhat oddly
(perhaps -- this is Windows after all...) simply trying to invoke them
from a shell commandline results in an "Access is denied" error (Win2K
SP4 -- YMMV) yet using a command of the form:

   <script_interpreter> <script_filename>

(e.g. "cscript test.js" or "perl test.pl") or simply entering the
script's filename into the Start/Run applet or double-clicking the
script in Explorer sees the script "execute" just fine.

I expect this is because it is the interpreter that is executing, not the
script. The script is just opened for read by the interpreter. This is the
same with Windows file associations: the target is passed as a parameter
to the interpreter. If you "sh /tmp/script.sh", and /tmp is noexec,
script.sh will still run. Even if you chmod 644 /tmp/script.sh you can run
it with "sh /tmp/script.sh"


arctic bears - affordable email and name services @yourdomain.com

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]