Re: your mail

To: debian-security@lists.debian.org
Subject: Re: your mail
From: Alberto Gonzalez Iniesta <agi@agi.as>
Date: Sat, 15 Sep 2001 19:17:05 +0200
Message-id: <[🔎] 20010915191705.A32314@x.inittab.org>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 1000572686.1207.29.camel@rover>
References: <[🔎] 1000572686.1207.29.camel@rover>

On Sat, Sep 15, 2001 at 12:51:26PM -0400, Russell Speed wrote:
> Should I remove /bin/sh for something less obvious as a general
> protection from buffer overflows?
> 

Most shell scripts running on your server call #!/bin/sh, so
removing it will get you in lots of trouble  ;-)
Just try:
$ grep "\/bin\/sh" /etc/init.d/*

If your software is up-to-date buffer overflows shouldn't be a problem.
If you're running Potato, make sure you've this line in
/etc/apt/sources.list:

deb http://security.debian.org stable/updates main contrib non-free

And keep it updated & upgraded  

Also, if you think your machine was compromised, check for backdoors,
modified binaries, etc... Changing passwords may not be enough

-- 
Alberto Gonzalez Iniesta
agi@agi.as

Give Me Liberty or Give Me Death (Patrick Henry)

Reply to:

Follow-Ups:
- Re: protecting against buffer overflow.
  - From: Russell Speed <rspeed@home-eh.com>

References:
- [no subject]
  - From: Russell Speed <rfspeed@attcanada.ca>

Prev by Date: [no subject]
Next by Date: Re: your mail
Previous by thread: [no subject]
Next by thread: Re: protecting against buffer overflow.
Index(es):
- Date
- Thread