On mar., 2012-03-27 at 14:18 +0300, Rares Aioanei wrote: > I see that as a myth. Look at it this way: if an attacker already has > access to your machine, he/she can install anything he/she wants, > including compilers, interpreters, whatever. A good way to prevent that is to enforce W^X. There are various kernel ways to do that (MAC, Grsec trusted execution path), but also at mount time, it might be interesting to not have rw and exec on the same filesystem. Regards, -- Yves-Alexis
Attachment:
signature.asc
Description: This is a digitally signed message part