[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:31101] Re: install woody using USB FDD
ä½é‡Žï¼ 浜æ¾ã§ã™ã€‚
In <20011223140843.2124B53814@xxxxxxxxxxxxxxxxxxxxxx>,
on "Sun, 23 Dec 2001 23:14:15 +0900',
Kenshi Muto <kmuto@xxxxxxxxxxxxxxx> ã•ã‚“ wrote:
> æ¦è—¤ï¼ Debianã·ã‚ã˜ã‡ãã¨ã§ã™ã€‚
ã“ã‚“ã°ã‚“㯠:)
> At Sun, 23 Dec 2001 22:59:07 +0900,
> Taketoshi Sano wrote:
> > 実ã¯ã“ã®æ–¹æ³•ã§ 2.4.16 ãªã‚«ãƒ¼ãƒãƒ«ã«å…¥ã‚Œæ›ãˆãŸ usbfdboot ãª
> > フãƒãƒƒãƒ”ーを作æˆã—よã†ã¨ã—ã¦ãŸã‚“ã§ã™ãŒã€åœ§ç¸®ã•ã‚ŒãŸ root
> > filesystem ã‚’ 2 æžšç›®ã®ãƒ•ãƒãƒƒãƒ”ーã‹ã‚‰ãƒãƒ¼ãƒ‰ã™ã‚‹ã€ã¨ã“ã‚ã¾ã§ã¯
> > ã§ããŸã‚‚ã®ã®ã€å±•é–‹ãŒçµ‚了ã—ã¦ãƒžã‚¦ãƒ³ãƒˆã—ãŸç›´å¾Œã«ã€Œinit ãŒ
> > 見ã¤ã‹ã‚‰ãªã„ã€ã¨ã„ã†ã‚¨ãƒ©ãƒ¼ã§çµ‚ã£ã¦ã—ã¾ã„ã¾ã—ãŸã€‚
>
> ã“ã‚Œã€åƒ•ã‚‚2.4.17rc1入れãŸã‚«ãƒ¼ãƒãƒ«ä½¿ãŠã†ã¨ã—ã¦æ‚©ã‚“ã§ã„ãŸã‚“ã§ã™ãŒã€
> ã‚€ã¤ã¿ã•ã‚“ã‹ã‚‰ã€Œ/lib/ld*ã‚’chmod a+xセヨã€ã¨ã„ã†æŒ‡ä»¤ã‚’å—ã‘ã€
> ã‚„ã£ã¦ã¿ãŸã‚‰ã§ãるよã†ã«ãªã‚Šã¾ã—ãŸã€‚
カーãƒãƒ«ã‚³ãƒ¼ãƒ‰ã‚’èªã‚€ã¨ã€ãã‚‚ãã‚‚ãã†ãªã£ã¦ã„ã‚‹ã¹ãã‚‚ã®ã€ã¨
ã„ã†é¢¨ã«èªã‚ã¾ã™ã。2.2.19 ã§ã‚‚ fs/exec.c ã«ã¯
/*
* Note that a shared library must be both readable and executable due to
* security reasons.
*
* Also note that we take the address to load from from the file itself.
*/
ã¨ã„ã†ã‚³ãƒ¡ãƒ³ãƒˆãŒã‚ã‚Šã¾ã™ã—。
ã§ã‚‚ã€èª¿ã¹ã¦ã¿ãŸç¯„囲ã 㨠2.4.9 㯠2.2.19 ã‚„ 2.4.5 åŒæ§˜ã«
/lib/ld-* ã«å®Ÿè¡Œå±žæ€§ãŒç„¡ãã¦ã‚‚ init ã‚’ execve ã§ãã¦ã„ã‚‹
ã¿ãŸã„ã§ã™ã。一方 2.4.13 ã§ã¯å‹•ãã¾ã›ã‚“ã§ã—ãŸã€‚
ãªã‚“ã¨ãªã 2.4.10-11 ã‚ãŸã‚Šã®ã‚»ã‚ュリティ fix ã§ã“ã®ã¸ã‚“ã‚‚
ä¿®æ£ã•ã‚ŒãŸã®ã‹ãªã¨ã„ã†æ°—ãŒã€‚未確èªã§ã™ã‘ã©ã€‚
一応 2.4.9 㨠2.4.13 㧠fs/exec.c ã® diff ã‚’å–ã£ã¦ã¿ã‚‹ã¨
@@ -347,8 +348,11 @@
if (!err) {
inode = nd.dentry->d_inode;
file = ERR_PTR(-EACCES);
- if (!IS_NOEXEC(inode) && S_ISREG(inode->i_mode)) {
+ if (!(nd.mnt->mnt_flags & MNT_NOEXEC) &&
+ S_ISREG(inode->i_mode)) {
int err = permission(inode, MAY_EXEC);
+ if (!err && !(inode->i_mode & 0111))
+ err = -EACCES;
file = ERR_PTR(err);
if (!err) {
file = dentry_open(nd.dentry, nd.mnt, O_RDONLY);
ã“ã®ã‚ãŸã‚Šãらã„ã«ã—ã‹ EXEC ã®ãƒã‚§ãƒƒã‚¯ã¯å‡ºã¦ã“ãªã„ã¿ãŸã„。
ã“ã® MNT_NOEXEC ã®ãƒã‚§ãƒƒã‚¯ã‚’ IS_NOEXEC ã«æˆ»ã—ãŸã‚‰å‹•ãã®ã‹ãª ?
ã‚ã€ã„ã‚„ã€inode->imode & 0111 ã®ãƒã‚§ãƒƒã‚¯ã§ã‚¨ãƒ©ãƒ¼ã«ãªã£ã¦ã„ã‚‹
å¯èƒ½æ€§ã®ã»ã†ãŒé«˜ã„ã‹ãªã€‚ã“ã“をコメントアウトã™ã‚Œã° 2.4.16 ã§ã‚‚
å‹•ãã‹ã‚‚。
exec.c ã«ã¯ä»–ã«ã‚‚
asmlinkage long sys_uselib(const char * library)
(ä¸ç•¥)
error = permission(nd.dentry->d_inode, MAY_READ | MAY_EXEC);
if (error)
goto exit;
(ä¸ç•¥)
ã¨ã„ã†ãƒã‚§ãƒƒã‚¯ãŒã‚ã‚‹ã‚“ã§ã™ãŒã€ã“れ㯠2.4.9 ã«ã‚‚å«ã¾ã‚Œã¦ã„ã¦ã€
2.4.9 ã§ã¯å‹•ã„ã¦ã„ãŸã‹ã‚‰ã€ãŸã¶ã‚“å•é¡Œç„¡ã„よã†ãªã€‚
> #ã‚ã¨ã®å•é¡Œã¯ã€2.4ベースã ã¨modutilsã‚’æ–°ã—ãã—ãªã„ã¨ã¡ã‚ƒã‚“ã¨ä½¿ãˆãªã„
> ã‚“ã ã‘ã©ã€ãã†ã™ã‚‹ã¨potatoã®ã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ãŒã“ã‚Œã«å¯¾å¿œã—ã¦ã„ãªã„ã€ã¨
> ã„ã†ã“ã¨ã‹ã—ら。ã¨ã‚Šã‚ãˆãšå—è°·ã•ã‚“ä»–å‘ã‘ã®potato CD-Image for blinder
> ãªã‚¤ãƒ¡ãƒ¼ã‚¸ã¯ã§ããŸã‚Šã€‚
ã¾ã‚ã¨ã‚Šã‚ãˆãš base をインストールã™ã‚‹ã ã‘ãªã‚‰ã€modutils ã‚’
使ã‚ãªãã¦ã‚‚後ã‹ã‚‰è¨å®šã§ãã‚‹ã ã‚ã†ã‹ã‚‰ã„ã„ã‹ãªã¨ã€‚
In <y5ar8q98xns.fsf@xxxxxxxxxxxxxxxxxxxx>,
on "Thu, 6 Dec 2001 03:45:14 +0900', I wrote:
> > ä½é‡Žã•ã‚“ã®rescue.binを使ã†å ´åˆã€
> > swap作æˆã€root(target)パーティションã®ãƒžã‚¦ãƒ³ãƒˆã¾ã§ã¯æ‰‹å‹•ã§ã‚„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã—ãŸã€‚
> ã“ã®ã¸ã‚“ã€ãŸã¶ã‚“ devfs ã®é–¢ä¿‚㧠/dev/ 以下ãŒã‚¤ãƒ³ã‚¹ãƒˆãƒ¼ãƒ©ã®
> 想定ã—ã¦ã„る状態ã¨é•ã£ã¦ã—ã¾ã£ã¦ã„ã‚‹ã®ãŒå•é¡Œãªã‚“ã ã‚ã†ã¨
> æ€ã£ã¦ã¾ã™ã€‚
>
> ãã®ã†ã¡ã«æ™‚é–“ãŒå–ã‚ŒãŸã‚‰ devfs ã®ã‚µãƒãƒ¼ãƒˆã‚’外ã—ãŸã‚«ãƒ¼ãƒãƒ«ã§
> 作り直ã—ã¦ã¿ã¾ã™ã€‚(ã§ãれ㰠lilo fd ã®ä½œæˆæ–¹æ³•ã®èª¬æ˜Žã‚‚)
2.4.9 㧠devfs ã®ã‚µãƒãƒ¼ãƒˆã‚’外ã—ãŸã‚«ãƒ¼ãƒãƒ«ã‚’作ã£ã¦ã¿ã¦
試ã—ã¦ã¿ã¾ã—ãŸãŒã€ã“ã‚Œãªã‚‰æ™®é€šã«ä½¿ãˆãã†ã§ã™ã€‚
ã‚ã¨ã§ rescue image ã®ä¸ã®ã‚«ãƒ¼ãƒãƒ«ã‚’ 2.4.9 (ã‚ã‚‹ã„ã¯ã‚‚ã—
上記ã®æ–¹æ³•ã§ã†ã¾ã potato ã® root ãŒãã®ã¾ã¾ä½¿ãˆã‚‹ã‚ˆã†ã«
ãªã‚Œã° 2.4.16) ã«å…¥ã‚Œæ›ãˆã¦
http://www.debian.or.jp/~sano/usbfdboot
ã«ç½®ã„ã¦ãŠãã¾ã™ã€‚
--
# (ã‚ãŸã—ã®ãŠã†ã¡ã¯æµœæ¾å¸‚ã€ã‚¢ã‚«ã‚¦ãƒŸã‚¬ãƒ¡ã®ãµã‚‹ã•ã¨ã®è¡—)
<kgh12351@xxxxxxxxxxx> : Taketoshi Sano (ä½é‡Žã€€æ¦ä¿Š)