16 Aug 2000 07:46
... but it helps a very little only. Take a look at how to run a non-executable file:
dx:/tmp # ls -l date
-rw-r--r-- 1 root root 25272 Aug 14 09:57 date
dx:/tmp # /lib/ld-linux.so.2 ./date
Mon Aug 14 10:01:57 MEST 2000
So the noexec option isn't helping (thanks to Jari Laurila
for pointing that out on focus-linux).
This is true, but most scripts/etc. assume /tmp can hold executables and execute them without any funkiness like /lib/ld-linux.so.2 /tmp/rewt-shell. Since security is NEVER 100% absolute, and is about risk management, I would say it's still worth doing, since it mitigates some risk (many "default" scripts will break). If you do enough of these little fixes you can make life pretty rough on the attacker.
oki,
Steffen
-Kurt
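
A defender's view of the loader trick discussed above, added here as an example (not code from either poster): it flags process command lines where the dynamic loader is invoked directly on a file that sits on a noexec mount. The mount table, the function names and the list of loader options handled are assumptions constructed for the example.

```python
import posixpath
import re

# Constructed /proc/mounts excerpt: /tmp is mounted noexec, as in the thread.
MOUNTS = """\
/dev/hda1 / ext2 rw 0 0
/dev/hda5 /tmp ext2 rw,nosuid,nodev,noexec 0 0
"""

# Dynamic loader basenames: ld-linux.so.2, ld-linux-x86-64.so.2, ld.so.1, ld-2.1.3.so
LOADER_RE = re.compile(r"^ld(-[\w.\-]+)?\.so(\.\d+)?$")
OPTS_WITH_VALUE = {"--library-path", "--inhibit-rpath", "--audit", "--preload", "--argv0"}

def parse_mounts(text):
    """Return {mount_point: set(options)} from /proc/mounts-style text."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 4:
            table[fields[1]] = set(fields[3].split(","))
    return table

def mount_of(path, table):
    """Longest mount point that contains path (None if the table has no match)."""
    hits = [m for m in table if path == m or path.startswith(m.rstrip("/") + "/")]
    return max(hits, key=len) if hits else None

def loader_target(argv, cwd):
    """If argv runs the dynamic loader directly, return the absolute path it loads."""
    if not argv or not LOADER_RE.match(posixpath.basename(argv[0])):
        return None
    args = iter(argv[1:])
    for arg in args:
        if arg in OPTS_WITH_VALUE:
            next(args, None)          # skip the value that belongs to the option
        elif not arg.startswith("-"):
            return posixpath.normpath(posixpath.join(cwd, arg))
    return None

def noexec_bypass(argv, cwd, mounts_text=MOUNTS):
    """Return the target path when the loader is pointed at a file on a noexec mount."""
    table = parse_mounts(mounts_text)
    target = loader_target(argv, cwd)
    mount = mount_of(target, table) if target else None
    return target if mount and "noexec" in table[mount] else None

if __name__ == "__main__":
    # Constructed process event: the command from the thread, run with cwd=/tmp.
    print(noexec_bypass(["/lib/ld-linux.so.2", "./date"], "/tmp"))
```

Feed it argv and cwd from whatever process-execution telemetry you collect. Per mount(8), the loader trick fails since Linux 2.4.25 / 2.6.0, so on newer kernels a hit indicates an attempt rather than a successful execution.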