WARNING:DO NOT UPGRADE TO CORE 4

Mike McCarty mike.mccarty at sbcglobal.net
Wed Jul 13 19:16:47 UTC 2005


Paul Howarth wrote:

>On Wed, 2005-07-13 at 13:13 -0500, Mike McCarty wrote:
>
>>Paul Howarth wrote:
>>
>>>On Wed, 2005-07-13 at 11:10 -0500, Mike McCarty wrote:
>>>
>>[snip]
>>
>>>>So, what is my "vulnerability"?
>>>>
>>>>This is a serious question.
>>>>
>>>Nobody knows what vulnerabilities there may be. That's why it's
>>>important to have multiple layers of security.
>>>
>>>A vulnerability has recently been discovered in part of the
>>>image-handling code that's used in Explorer. Suppose a similar
>>>vulnerability existed in Mozilla. A carefully crafted image on a website
>>>you visited could result in your mozilla running a cracker's code. That
>>>could run a process that sat around on your system and periodically
>>>logged on to an irc channel to collect jobs to run, such as send out a
>>>bunch of spam or even worse. So never assume you are safe.
>>>
>>I don't assume that I am safe. I want to know what my vulnerability is.
>>
>>Apparently, you don't know, either, and can't answer my question.
>>
>>Thanks for the response, though.
>
>My point was that there's no way of knowing what undiscovered
>vulnerabilities there are on your system, so having multiple layers of
>defences such as firewalls, mounting /var and /tmp partitions with
>noexec, selinux etc. all help to mitigate the risk.
Ah, an answer. I'm perhaps vulnerable to something being put into
/var or /tmp (/tmp world writable) and then being executed from there.

Now that's useful information. So, I possibly should remove '..x..x..x' from
/tmp? That's an idea. BTW, on my system, /tmp is not a separate volume.

Mike

-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
This message made from 100% recycled bits.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!
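Paul's suggestion of mounting /var and /tmp with noexec, and Mike's note that his /tmp is not a separate volume, as an added example that is not part of the original thread: a small POSIX sh check that parses a mounts table (a constructed sample here; /proc/mounts on a live system) and reports, per directory, whether it is a separate mount and whether that mount carries noexec.

```shell
#!/bin/sh
# Added example, not part of the original thread: tell whether /tmp or /var is
# its own mount and whether that mount carries noexec, by parsing a mounts
# table in /proc/mounts format. SAMPLE_MOUNTS is a constructed table; on a
# real system read /proc/mounts instead. A matching fstab line would be:
#   tmpfs /tmp tmpfs defaults,nosuid,nodev,noexec 0 0

SAMPLE_MOUNTS='/dev/sda1 / ext3 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec,relatime 0 0
/dev/sda3 /var ext3 rw,relatime 0 0'

# mount_options MOUNTPOINT TABLE
# Prints the option list for MOUNTPOINT and exits 0; exits 1 when it is not
# a separate mount (a /tmp directory on the root filesystem, as in the
# post above, has no options of its own and inherits root's).
mount_options() {
    printf '%s\n' "$2" | awk -v mp="$1" '
        $2 == mp { print $4; found = 1 }
        END { exit !found }'
}

# has_mount_option MOUNTPOINT OPTION TABLE: exit 0 iff the mount exists and
# its option list contains OPTION as a whole word (so "noexec" does not
# match a hypothetical "noexecfoo").
has_mount_option() {
    opts="$(mount_options "$1" "$3")" || return 1
    case ",$opts," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# report MOUNTPOINT TABLE: one-line verdict. noexec stops the kernel from
# running binaries stored on that filesystem; it is one layer among several
# (firewall, SELinux), not a complete barrier, since an interpreter can
# still be handed a script that lives there.
report() {
    if ! mount_options "$1" "$2" >/dev/null; then
        echo "$1: not a separate mount, inherits the parent's options"
    elif has_mount_option "$1" noexec "$2"; then
        echo "$1: separate mount with noexec"
    else
        echo "$1: separate mount WITHOUT noexec"
    fi
}

for mp in /tmp /var /home; do
    report "$mp" "$SAMPLE_MOUNTS"
done
```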