paul@xxxxxxxxxxxxxxxxxxx wrote: > Actually I found the hole. > > It was on a phpbb board version 2.0.6. This isn't my board but a friends. > I just host it for him. There is a script that is installed in the tmp > directory which is than run with perl. If I look in my apache logs I can > see this long GET string. > > So I'm gonna reinstall everything. > > I also found a way to make the tmp directory no executable That way even > if a script in the future is installed in that directory. It won't be > able to run. I assume that you mean the noexec option to mount, which can also be used in fstab. You should also investigate the nodev and possibly the nosuid options as well. Yes, they're a good thing. Thanks for letting us know where the hole was: as you can imagine, I'm personally very relieved that it wasn't a hole in Fedora! James. -- James Wilkinson | Nothing can kill this guy. Heâs like a cockroach in a Exeter Devon UK | star fleet uniform. The only guy who can wear red, beam E-mail address: james | down to a new planet, and still show up for the next @westexe.demon.co.uk | episode. -- Mark Stanley, on Star Trek's Miles O'Brien
