Re: Recommendations for server, 2 take
On Tue, Jan 24, 2006 at 04:30:55PM -0500, Dan MacNeil wrote:
> >>>First thing I do is move /tmp and /var/tmp to a
> >>>partition that's mounted noexec.
> >>>Too many sloppy PHP apps. Worms drop things in /tmp
> >>>and run them from there.
>
> >>Do you know that you can run anything from there without
> >>having /tmp exec?
> >>
> >>Crackers today can execute anything even if mounted
> >>noexec
>
> >I would agree, however this is another layer of security that will stop
> >most basic worms that attempt to execute themselves from the /tmp directory.
>
> There is a short and good looking article by Steve Kemp on the subject here:
>
> http://www.debian-administration.org/articles/57
Note that the example given in this article to bypass the noexec no longer
works on recent installs/kernels:
# /lib/ld-linux.so.2 /tmp/ls
/tmp/ls: error while loading shared libraries: /tmp/ls: failed to map
segment from shared object: Operation not permitted
This is stock 2.6.11.2 on Sarge.
> Chrooting apache w/ its own special /tmp might be a better approach.
Yeah, for sure.
Ward.
--
Pong.be -( "Just wait, My crystal ball is infallible." -- Linus )-
Virtual hosting -( Torvalds, discussing the future of smart I/O hardware. )-
http://pong.be -( )-
GnuPG public key: http://gpg.dtype.org
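The thread argues about how much a noexec /tmp actually buys you. The script below is an added example, not something posted in the thread or taken from the debian-administration article. It first looks up which mount covers a directory and whether that mount carries noexec (parsing /proc/mounts, or any file in the same format, so it can be tested against a constructed table), then drops a small binary and a shell script into that directory and reports which of three routes still run: direct exec, the ld.so trick from the article, and an interpreter. The loader paths in the list and the use of /bin/true as the probe binary are assumptions about the host; adjust them for a different architecture or libc. The script route is the one that matters in practice: noexec only affects what execve() maps, so "perl /tmp/x.pl" or "sh /tmp/x.sh" never cared about it, which is the point the "Crackers today can execute anything" reply is making.

```shell
#!/bin/sh
# Added example (not from the thread or the article): check whether a
# directory sits on a noexec mount, then probe the three ways of running
# code from it that the discussion touches on.

# mount_opts_for DIR [MOUNTS_FILE]
# Print the options of the deepest mount point that covers DIR, parsed from
# a /proc/mounts-style file (fields: device mountpoint fstype options ...).
mount_opts_for() {
    dir=$1
    mounts=${2:-/proc/mounts}
    best=''
    bestopts=''
    while read -r dev mnt fstype opts rest; do
        [ -n "$mnt" ] || continue
        match=0
        case "$mnt" in
            /) match=1 ;;                      # root covers everything
            *) case "$dir" in
                   "$mnt"|"$mnt"/*) match=1 ;; # exact or below the mount point
               esac ;;
        esac
        # the longest matching mount point is the one actually in effect
        if [ "$match" -eq 1 ] && [ "${#mnt}" -ge "${#best}" ]; then
            best=$mnt
            bestopts=$opts
        fi
    done < "$mounts"
    printf '%s\n' "$bestopts"
}

# is_noexec DIR [MOUNTS_FILE]: succeed when the covering mount has noexec.
is_noexec() {
    case ",$(mount_opts_for "$1" "$2")," in
        *,noexec,*) return 0 ;;
        *) return 1 ;;
    esac
}

# probe_exec DIR
# Copy /bin/true (assumed to be a dynamically linked ELF) into DIR and print
# "direct=.. ldso=.. script=..", each "ok" or "denied"; ldso is "skipped"
# when none of the assumed loader paths exists on this host.
probe_exec() {
    dir=$1
    cp /bin/true "$dir/probe.bin" && chmod 755 "$dir/probe.bin"
    if "$dir/probe.bin" 2>/dev/null; then direct=ok; else direct=denied; fi

    ldso=skipped
    for l in /lib64/ld-linux-x86-64.so.2 /lib/ld-linux.so.2 \
             /lib/ld-linux-aarch64.so.1 /lib/ld-musl-x86_64.so.1; do
        if [ -x "$l" ]; then
            # the article's trick: ask the loader to map the file itself
            if "$l" "$dir/probe.bin" 2>/dev/null; then ldso=ok; else ldso=denied; fi
            break
        fi
    done

    # noexec never applied here: execve() runs /bin/sh, which merely reads the file
    printf 'exit 0\n' > "$dir/probe.sh"
    if sh "$dir/probe.sh" 2>/dev/null; then script=ok; else script=denied; fi

    printf 'direct=%s ldso=%s script=%s\n' "$direct" "$ldso" "$script"
}

# Usage:  sh noexec-probe.sh /tmp
if [ -n "$1" ] && [ -d "$1" ]; then
    if is_noexec "$1"; then echo "$1: noexec"; else echo "$1: exec allowed"; fi
    probe_exec "$1"
fi
```

On a kernel that refuses PROT_EXEC mappings from a noexec mount (Ward's 2.6.11 result above, and every mainline kernel since) a noexec /tmp prints direct=denied ldso=denied script=ok; on the older kernels the article was written against the middle value comes back ok. Either way the last value is always ok, which is the practical limit of the control.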