Re: [Full-Disclosure] Re: pgp passphrase

[Tomasz Konefal <twkonefal@xxxxxxxxx>]

Jim Richardson wrote:
> On Sun, Mar 21, 2004 at 09:49:29AM +0100, Cedric Blancher wrote:
> > Le dim 21/03/2004 à 02:04, Jim Richardson a écrit :
> >
> > > >Keylogger ?
> > > Installed how?
> > With the worm...
> Where? /home is mounted noexec.

no problem, see here:

http://lists.netsys.com/pipermail/full-disclosure/2004-January/015143.html

"The ability to load a new process image without the direct aid of the 
kernel is important in many scenarios. For example: a program (e.g. 
shellcode) could load a binary off the wire and execute it without first 
creating a copy on disk; or, a program could extract a binary from an 
encrypted data store and execute it without creating a plain text image 
on the disk. Userland exec is useful for any situation where it is 
preferable not to create a file on the disk when executing a program."

cheers,
  twkonefal


--
Tomasz Konefal
Systems Administrator
Command Post and Transfer Corp.
416-585-9995 x.349

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html