Re: Security Breach ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2005-03-03 at 08:18 +0000, Paul Howarth wrote:
> You don't say which distribution this web server was running, but I
> suspect that if your Apache had been running under SELinux then the
> attacker would not have been able to run any scripts from /tmp
> or /var/tmp. So, when you rebuild the server, it would be well worth
> considering using SELinux.

You don't need SELinux for this, you could always mount /tmp with noexec
flag.

Tom

-- 
  T h o m a s   Z e h e t b a u e r   ( TZ251 )
  PGP encrypted mail preferred - KeyID 96FFCB89
      finger thomasz@xxxxxxxxxxxxxx for key

We are tied to the ocean. And we go back to the sea, whether it is to sail or
to watch it we are going back from whence we came. - John F. Kennedy



Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux