On Thu, 2005-03-03 at 08:18 +0000, Paul Howarth wrote:
> You don't say which distribution this web server was running, but I
> suspect that if your Apache had been running under SELinux then the
> attacker would not have been able to run any scripts from /tmp
> or /var/tmp. So, when you rebuild the server, it would be well worth
> considering using SELinux.
You don't need SELinux for this, you could always mount /tmp with noexec
flag.
Tom
--
T h o m a s Z e h e t b a u e r ( TZ251 )
PGP encrypted mail preferred - KeyID 96FFCB89
finger thomasz@xxxxxxxxxxxxxx for key
We are tied to the ocean. And we go back to the sea, whether it is to sail or
to watch it we are going back from whence we came. - John F. Kennedy
Attachment:
signature.asc
Description: This is a digitally signed message part
