NOEXEC

About
 Main Page

Get It
 Via the Web
 Via Anonymous CVS

Documentation
 README
 News
 ChangeLog
 Installation
 BUGS

 NOEXEC.1
 NOEXEC.8

Resources
 WEB CVS
 SourceForge Page
 Forums

My Other SF projects
 kbde
 ksm
 nfstimesync
 pkgrebuild
 rpmrebuild (with Eric Gerbier)
 rrp_statify
 statifier

SourceForge.net Logo

 
NOEXEC MAIN PAGE

What IS IT ?

noexec is a package for preventing process(es) from executing exec system call. Primary intent was use noexec with sudo. But sudo from version 1.6.7.p5 implement noexec functionality itself. So, if you still interesting...

Supported platforms.

noexec was tested on:
  • Linux x86
  • Linux alpha
  • Linux sparc
  • SunOs 5.8 sparc
  • FreeBSD 4.9 x86
  • NetBSD 1.6.1 x86
And it should be ease portable to any Unix with LD_PRELOAD supported.

WHERE IT CAN BE USEFULL ?

  • Provide user with some kind of menu and prevent him from escape to the shell
  • sudo configuration - you can be sure user will not got a shell
  • may be for preventing some kinds of exploits of CGI scripts

HOW USE IT ?

LD_PRELOAD=/usr/lib/libnoexec.so vi # vi will be unable to run any shell command

In the /etc/sudoers:
user ALL = /usr/bin/noexec /usr/bin/less /etc/shadow

If you have suggestions/ideas/bug report you can send it to forums

NOEXEC distributed under GPL

NOEXEC was written by Valery Reznic