Re: Long Exim break-in analysis
On Wed, Dec 22, 2010 at 10:18:50AM +0100, Bernhard R. Link wrote:
> That said, having /tmp noexec,nosuid and /var nosuid will only make some
> script-kiddies slower and the more people use it the less it helps.
It is a start.
> As long as you have things like /dev/shm world-writeable and not
> mounted nosuid there are trivial other ways for attackers.
/dev/shm _is_ mounted nosuid by default.
> And history
> shows that there were often ways around noexec and nosuid and though many
> of the known ones should be closed by now,
Around noexec: not much, at least for real binaries. Around nosuid:
please show me. Hijacking other suid-binaries is a different story and
calls for a reduction of privileges.
Bastian
--
No more blah, blah, blah!
-- Kirk, "Miri", stardate 2713.6
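
The mount options argued over in this exchange (/tmp noexec,nosuid, /var nosuid, /dev/shm nosuid) can be audited from a table in /proc/mounts format; this is an added example, not part of the original message. The function names and the sample table are constructed for illustration, and paths with escaped spaces (\040) are not handled.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format: device, mount point, type, options.
sample_mounts() {
cat <<'EOF'
/dev/sda1 / ext3 rw,errors=remount-ro 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sda2 /var ext3 rw,nosuid 0 0
/dev/sda3 /var/tmp ext3 rw,nosuid,noexec 0 0
EOF
}

# effective_opts MOUNTS_FILE PATH
# Print the options of the mount that actually holds PATH: the longest mount
# point that is PATH itself or a parent of it. If /tmp is not its own mount,
# this is the root filesystem, which is the case a naive grep misses.
effective_opts() {
    awk -v p="$2" '
        BEGIN { best = 0 }
        {
            mp = $2
            if (mp == p || mp == "/" || index(p, mp "/") == 1) {
                # ">=" lets a later mount on the same point shadow an earlier one
                if (length(mp) >= best) { best = length(mp); opts = $4 }
            }
        }
        END { print opts }
    ' "$1"
}

# has_opt OPTS NAME: succeed if NAME is one whole entry of the comma list OPTS.
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_mounts MOUNTS_FILE: report each path/option pair that is not in effect.
audit_mounts() {
    for want in /tmp:nosuid /tmp:noexec /var:nosuid /dev/shm:nosuid; do
        path=${want%%:*}; opt=${want##*:}
        opts=$(effective_opts "$1" "$path")
        has_opt "$opts" "$opt" || echo "$path missing $opt (effective: $opts)"
    done
}

# Demo on the constructed table; on a live host use: audit_mounts /proc/mounts
demo=$(mktemp); sample_mounts > "$demo"; audit_mounts "$demo"; rm -f "$demo"
```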