Re[2]: phpBB vulnerability exploited

[Marek Podmaka <marki@onee.sk>]

Hello Fraser,

  Yes, I have been doing the same with /tmp, but some debian packages
  won't install on noexec /tmp. But there are other directorieso n my
  system which are world writable - for example /var/tmp and
  /var/lock.

  Can entire /var be mounted noexec?

Monday, December 13, 2004, 4:17:19, you wrote:

FC> I have the habit of mount /tmp with noexec,nosuid,nodev.  I also mount /usr
FC> and /boot ro.  These minor changes can prevent common automated attacks 
FC> (probably the one you encountered) and don't cause any problems.

-- 
  bYE, Marki