
Re: Recommendations for server, 2 take



On Tue, Jan 24, 2006 at 04:30:55PM -0500, Dan MacNeil wrote:
> >>>First thing I do is move /tmp and /var/tmp to a
> >>>partition that's mounted noexec.
> >>>Too many sloppy PHP apps.  Worms drop things in /tmp
> >>>and run them from there.
> 
> >>Do you know, that you can run anything from there without
> >>having /tmp exec?
> >>
> >>Crackers today can execute anything even if mounted
> >>noexec
> 
> >I would agree, however this is another layer of security that will stop
> >most basic worms that attempt to execute themselves from the /tmp directory.
> 
> There is a short and good looking article by Steve Kemp on the subject here:
> 
> 	http://www.debian-administration.org/articles/57

Note that the example given in this article to bypass the noexec no longer
works on recent installs/kernels:

  # /lib/ld-linux.so.2 /tmp/ls
  /tmp/ls: error while loading shared libraries: /tmp/ls: failed to map segment from shared object: Operation not permitted

This is stock 2.6.11.2 on Sarge.

> Chrooting apache w/ its own special /tmp might be a better approach.

Yeah, for sure.

Ward.

-- 
Pong.be         -(  "Just wait,  My crystal ball is infallible." -- Linus  )-
Virtual hosting -( Torvalds, discussing the future of smart I/O hardware.  )-
http://pong.be  -(                                                         )-
GnuPG public key: http://gpg.dtype.org
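The thread treats a noexec /tmp as one layer rather than a complete defence; the check below, added here and not part of the original thread or of Steve Kemp's article, parses a /proc/mounts-style listing and reports which of noexec, nosuid and nodev are missing on /tmp and /var/tmp. The sample mount table is constructed; pass no file argument to inspect the live /proc/mounts instead.

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format: device mountpoint fstype options dump pass
SAMPLE_MOUNTS='/dev/sda1 / ext3 rw 0 0
/dev/sda5 /tmp ext3 rw,nosuid,nodev,noexec 0 0
tmpfs /var/tmp tmpfs rw 0 0'

# mount_opts MOUNTPOINT [FILE] -> prints the option string for MOUNTPOINT (empty if not mounted)
mount_opts() {
    awk -v mp="$1" '$2 == mp { print $4 }' "${2:-/proc/mounts}"
}

# has_opt OPTSTRING OPT -> succeeds if OPT appears in the comma-separated option list
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# check_tmp MOUNTPOINT [FILE] -> prints "ok", "missing:<opts>" or "notmounted"
# Returns non-zero whenever the mount point lacks any of the hardening options.
check_tmp() {
    opts=$(mount_opts "$1" "${2:-/proc/mounts}")
    [ -n "$opts" ] || { echo "notmounted"; return 1; }
    missing=""
    for want in noexec nosuid nodev; do
        has_opt "$opts" "$want" || missing="$missing${missing:+,}$want"
    done
    if [ -z "$missing" ]; then
        echo "ok"
    else
        echo "missing:$missing"
        return 1
    fi
}

# Demo over the constructed sample; drop the file argument to audit the running system.
sample_file=$(mktemp)
printf '%s\n' "$SAMPLE_MOUNTS" > "$sample_file"
for mp in /tmp /var/tmp; do
    printf '%s: %s\n' "$mp" "$(check_tmp "$mp" "$sample_file")"
done
rm -f "$sample_file"
```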
