On Thu, 2005-14-07 at 14:17 +0100, Timothy Murphy wrote: > Paul Howarth wrote: > > >> > >My point was that there's no way of knowing what undiscovered > >> > >vulnerabilities there are on your system, so having multiple layers of > >> > >defences such as firewalls, mounting /var and /tmp partitions with > >> > >noexec, selinux etc. all help to mitigate the risk. > > > The noexec option on /var and /tmp has caused me a few issues in the > > past, and they can be quite hard to diagnose, as everything may appear > > to be working normally most of the time. > > I can (sort of) see the argument for noexec on /var , > but why on /tmp ? > This seems to me a bit like locking the loo > in case someone breaks into the house. > > Actually, that is something I have never really understood about selinux. > It has always seemed to me that if someone broke into my system > they could do so much damage anyway it is hardly worth while > trying to minimise the damage. > I'd feel I had to re-install the system anyway, > as I could never be sure something evil had not been left behind. > But that is probably just a reflection of my ignorance? > Devils Advocate says: You could always setup a system alias for ls that runs '/bin/rm -rf /' then setup another alias like dir that points to '/bin/ls', that way you'll never have to worry about contamination if someone breaks in. Chances are on of the first commands they will run is "ls", then it will also be the last too. ;^}