In article <[🔎] 20031116024448.GA4896@localhost> you wrote: > So what to do now? If /tmp was mounted ro, then none of the attacker's > tools could run (from this attack anyway) Read Only tmp? :) Now that is a funny idea. I can understand to restrict tmp to root or to remove it totally, but why would one want to have it read only? Greetings Bernd -- eckes privat - http://www.eckes.org/ Project Freefire - http://www.freefire.org/