Security Breach ?

Paul Howarth paul at city-fan.org
Thu Mar 3 12:26:28 UTC 2005


Thomas Zehetbauer wrote:
> On Thu, 2005-03-03 at 08:18 +0000, Paul Howarth wrote:
> 
>>You don't say which distribution this web server was running, but I
>>suspect that if your Apache had been running under SELinux then the
>>attacker would not have been able to run any scripts from /tmp
>>or /var/tmp. So, when you rebuild the server, it would be well worth
>>considering using SELinux.
> 
> 
> You don't need SELinux for this, you could always mount /tmp with noexec
> flag.

And /var too, provided they're separate partitions. Another good reason 
not to install into just one big / partition.

Paul.




More information about the users mailing list