Re: Attack using php+apache

To: debian-security@lists.debian.org
Subject: Re: Attack using php+apache
From: Bernd Eckenfels <ecki@calista.eckenfels.6bone.ka-ip.net>
Date: Sun, 16 Nov 2003 05:19:06 +0100
Message-id: <[🔎] E1ALENO-0002zK-00@calista.eckenfels.6bone.ka-ip.net>
In-reply-to: <[🔎] 20031116024448.GA4896@localhost>

In article <[🔎] 20031116024448.GA4896@localhost> you wrote:
> So what to do now?  If /tmp was mounted ro, then none of the attacker's
> tools could run (from this attack anyway)

Read Only tmp? :) Now that is a funny idea. I can understand to restrict tmp
to root or to remove it totally, but why would one want to have it read
only?

Greetings
Bernd
-- 
eckes privat - http://www.eckes.org/
Project Freefire - http://www.freefire.org/

Reply to:

Follow-Ups:
- Re: Attack using php+apache
  - From: Dion Mendel <quietude@iinet.net.au>

References:
- Re: Attack using php+apache
  - From: Dion Mendel <quietude@iinet.net.au>

Prev by Date: Re: Attack using php+apache
Next by Date: Re: Attack using php+apache
Previous by thread: Re: Attack using php+apache
Next by thread: Re: Attack using php+apache
Index(es):
- Date
- Thread