On Fri, Nov 09, 2001 at 02:08:17AM +0100, Wichert Akkerman wrote: > Previously Ethan Benson wrote: > > sorry i don't leave known security holes wide open on my boxes. only > > an idiot does that. > > If you think your box does not have currently unknown holes you are > naive :) why don't you bother to read what i said. script kiddies don't exploit unknown holes as you have stated, and what i stated above is i don't leave KNOWN PATCHED holes on my boxes, those are what script kiddies attack. of course there are unknown holes, anyone exploiting those will NOT be the least bit foiled by toys like noexec /tmp. so here is the situation: i don't leave open holes that script kiddies use with thier skripts only a dumbass skript kiddie will be foiled by noexec /tmp skript kiddies will be foiled by the fact that my boxes are always up to date and patched against all known vulnerabilities. therefore noexec /tmp gives nothing but inconvenience and no added security. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpSyJBgBaWu8.pgp
Description: PGP signature