[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: we were attacked

On 06/23/2006 3:08:25 PM +0100
Michael Sprague <mfs@saneinc.net> said:

> If possible, make /tmp its own file system and mount it with 'noexec'. 
> This really helps stop these types of attacks.  In fact I would 
> recommend 'rw,noexec,nosuid,nodev' as the mount options.

Sound advice, but make sure you have a mechanism in place for updating a
system (many package installations and updates will fail if /tmp is
noexec). There are a number of ways of doing that.


Reply to: