Security Breach ?
paul at city-fan.org
Thu Mar 3 12:26:28 UTC 2005
Thomas Zehetbauer wrote:
> On Thu, 2005-03-03 at 08:18 +0000, Paul Howarth wrote:
>>You don't say which distribution this web server was running, but I
>>suspect that if your Apache had been running under SELinux then the
>>attacker would not have been able to run any scripts from /tmp
>>or /var/tmp. So, when you rebuild the server, it would be well worth
>>considering using SELinux.
> You don't need SELinux for this, you could always mount /tmp with noexec
And /var too, provided they're separate partitions. Another good reason
not to install into just one big / partition.
More information about the users