NOEXEC

 About
 Main Page

Get It
 Via the Web
 Via Anonymous CVS

Documentation
 README
 News
 ChangeLog
 Installation
 BUGS

 NOEXEC.1
 NOEXEC.8

Resources
 WEB CVS
 SourceForge Page
 Forums

My Other SF projects
 kbde
 ksm
 nfstimesync
 pkgrebuild
 rpmrebuild (with Eric Gerbier)
 rrp_statify
 statifier

SourceForge.net Logo

 
NOEXEC'S README 
WHAT IS IT ?

noexec - package for preventing process(es) from executing exec system call


WHERE IT CAN BE USEFULL ?

1) You provide user with some kind of menu to allow him to run only
   specific program, and you want to disable possible escape to shell
   from these programs.

2) sudo configuration.
   It was my first goal, but really sudo configuration 
   is a kind of menu

3) I think it can be usefull in preventing some kinds of exploiting
   CGI scripts. 


HOW IT WORKS ?

It's a trivial - my exec* functions simple set errno to EACCES and return -1;


USAGE.

Just set following environment variables:

LD_PRELOAD - to the libnoexec.so location


Or you can write in the /etc/sudoers somethin like this:
user ALL = /usr/bin/noexec /usr/bin/less /etc/shadow 

It will allow to user 'user' look to the /etc/shadow with less and
without option escape to the shell.

LICENSE.

Library distributed under LGPL.
Program - under GPL license


BUG REPORT.

You can report bugs and / or suggestions
to