RE: question about SSH / IPTABLES

To: debian-security@lists.debian.org
Subject: RE: question about SSH / IPTABLES
From: Giacomo Mulas <gmulas@ca.astro.it>
Date: Thu, 23 Jan 2003 15:25:59 +0100 (CET)
Message-id: <[🔎] Pine.LNX.4.44.0301231518350.4885-100000@capitanata.ca.astro.it>
Reply-to: Giacomo Mulas <gmulas@ca.astro.it>
In-reply-to: <[🔎] 51341B7FA34CD2119FA20008C7289B1C051C1C32@panoramix.coe.int>

On Thu, 23 Jan 2003, DEFFONTAINES Vincent wrote:

> 2. Mount /home, /tmp and any other place users might have write access on
> with the "noexec" switch, so they can only use binaries installed (and
> allowed to them) on the system.

Do that. Then try /lib/ld.so a_program_on_a_noexec_partition, and see what
happens. Nice try, but unfortunately it does not quite work.
Oh, and don't try to make ld.so non-executable, you don't want to do
that...

Bye
Giacomo

-- 
_________________________________________________________________

Giacomo Mulas <gmulas@ca.astro.it>
_________________________________________________________________

OSSERVATORIO ASTRONOMICO DI CAGLIARI
Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA)

Tel. (OAC): +39 070 71180 248     Fax : +39 070 71180 222
Tel. (UNICA): +39 070 675 4916
_________________________________________________________________

"When the storms are raging around you, stay right where you are"
                         (Freddy Mercury)
_________________________________________________________________

Reply to:

References:
- RE: question about SSH / IPTABLES
  - From: DEFFONTAINES Vincent <Vincent.DEFFONTAINES@coe.int>

Prev by Date: Re: [security-unixtech] Re: question about SSH / IPTABLES
Next by Date: Re: question about SSH / IPTABLES
Previous by thread: Re: question about SSH / IPTABLES
Next by thread: Re: question about SSH / IPTABLES
Index(es):
- Date
- Thread