Security Breach ?

Paul Howarth paul at
Thu Mar 3 12:26:28 UTC 2005

Thomas Zehetbauer wrote:
> On Thu, 2005-03-03 at 08:18 +0000, Paul Howarth wrote:
>>You don't say which distribution this web server was running, but I
>>suspect that if your Apache had been running under SELinux then the
>>attacker would not have been able to run any scripts from /tmp
>>or /var/tmp. So, when you rebuild the server, it would be well worth
>>considering using SELinux.
> You don't need SELinux for this, you could always mount /tmp with noexec
> flag.

And /var too, provided they're separate partitions. Another good reason 
not to install into just one big / partition.


More information about the users mailing list