Date: Sat, 29 Aug 1998 10:01:25 -0400 (EDT) From: Mike Holling <myke@ees.com> To: Andrew McNaughton <andrew@squiz.co.nz> Cc: "Matthew D. Fuller" <fullermd@futuresouth.com>, "Jan B. Koum " <jkb@best.com>, scex <scex@dqc.org>, "Jeffrey J. Mountin" <jeff-ml@mountin.net>, security@FreeBSD.ORG Subject: Re: Shell history Message-ID: <Pine.NEB.4.00.9808291000010.279-100000@phluffy.lm.com> In-Reply-To: <Pine.BSF.3.96.980829191526.6282G-100000@aniwa.sky>
next in thread | previous in thread | raw e-mail | index | archive | help
> > On Fri, Aug 28, 1998 at 10:42:52PM -0700, Jan B. Koum woke me up to tell me: > > > Hmm.. you are right, but what will stop an attacker who has > > > freebsd box or has access to one to download the binary? > > > > mount -u -o noexec /home? > > (and /tmp, of course) > > Does this stop an attacker doing something like loading a file as a > library from perl, using code on stdin? A sufficiently skilled attacker will probably always be able to get root once they have shell access on a box. The key is to prevent them from getting to that point in the first place. - Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.4.00.9808291000010.279-100000>