[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[K12OSN] Security Alert - gcc was: Instant Messanger



On Fri, 2003-10-03 at 13:16, Terrell Prude', Jr. wrote:
Just one concern.  Folks could still download the gaim src from, say, Sourceforge, unpack it in /home/studentdir, and compile/run it.  So, I would also recommend doing chmod 500 on /usr/bin/gcc, /usr/bin/g++, and /usr/bin/make.  Those who actually know how to install a compiler in their home directories are folks that you will have trouble stopping in any case (not impossible, just challenging).  But this ought to take care of 99.9% of 'em.


uhh, yeah this is important.  I gave a shell to one young fella, and his .bash_history read like a horror movie.


wget hacked-copy-nasty-tool.tar.gz

tar -xvzf  hacked-copy-nasty-tool.tar.gz

cd hack<TAB> && ./configure && make

./bin/do_bad_things__baaad_things_man


/sw


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]