[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Long Exim break-in analysis

On Wed, Dec 22, 2010 at 10:18:50AM +0100, Bernhard R. Link wrote:
> That said, having /tmp noexec,nosuid and /var nosuid will only make some
> script-kiddies slower and the more people use it the less it helps.

It is a start.

> As long as you have things like /dev/shm world-writeable and not
> mounted nosuid there are trivial other ways for attackers.

/dev/shm _is_ mounted nosuid by default.

>                                                            And history
> show that there were often ways around noexec and nosuid and though many
> of the known ones should be closed by now,

Around noexec: not much, at least for real binaries. Around nosuid:
please show me. Hijacking other suid-binaries is a different story and
calls for a reduction of privileges.


No more blah, blah, blah!
		-- Kirk, "Miri", stardate 2713.6

Reply to: