Re: sysadmin in training
Michael Lazin <microlaser@gmail.com> writes:
> SInce Ossec HIDS is GNU Public licensed I think this is not a bad idea to
> include this in the documentation. The referenced article does describe
> securing Debian with open source tools and I honestly have seen this
> documentation for the first time tonight and I think it is very high
> quality. The thing that caught my eye is disabling execution for /tmp. I
I don't know about the current state, but I did disable execution for /tmp
at some point, only to discover that installing some packages failed because
of this.
Although I don't remember, if it was the package or apt-get/dpkg needing
an executable /tmp.
> managed thousands of Debian servers at one time and I often found hacker
> scripts in ./tmp because of a Wordpress exploit. This is because /tmp is
> world writable and presumably people who don't know better are unlikely to
> look for bad scripts there.
Reply to: