On Mon, Dec 10, 2007 at 03:59:43PM +0000, MJ Ray wrote:
"Adrian F. Clark" alien@essex.ac.uk wrote: [...]
The student concerned finds that he can't execute programs from his USB memory stick: the system isn't setting the execute bit upon compilation or honouring chmods. [...]
Has he checked the fstab or mount for "noexec" option? Given the target markets, I'd expect them to be shipped with that for USB sticks, but then the previously-mentioned root-shell doesn't make me very confident about it...
The root shell is trivial because it's based off ubuntu, so sudo all the way - a swift sudo su - will would out of the box on most ubuntu based distributions for the primary user these days. I'd guess, though, that in the case of it being loaned to students, the first user will actually be the IT department, and hopefully they'll have enough clue to stop that hole... still with physical access to the machine, without judicious amounts of superglue, there's not going to be a lot you are going to be able to do to stop a determined tyke from getting root anyways.
(Of course, really determined people can magically gain root and set all the details back nicely given even a very small window of sudo rights... I'm sure robrob will remember the circutious route we took with one of the servers at his and steve's work when steve was on holiday to restart the hangman bot as steve... that was a fun excercise in how to abuse the system in inventive ways :)
Cheers,