Security Breach ?
Paul Howarth
paul at city-fan.org
Thu Mar 3 12:26:28 UTC 2005
Thomas Zehetbauer wrote:
> On Thu, 2005-03-03 at 08:18 +0000, Paul Howarth wrote:
>
>>You don't say which distribution this web server was running, but I
>>suspect that if your Apache had been running under SELinux then the
>>attacker would not have been able to run any scripts from /tmp
>>or /var/tmp. So, when you rebuild the server, it would be well worth
>>considering using SELinux.
>
>
> You don't need SELinux for this, you could always mount /tmp with noexec
> flag.
And /var too, provided they're separate partitions. Another good reason
not to install into just one big / partition.
Paul.
More information about the fedora-list
mailing list