Mailinglist Archive: opensuse-security (320 mails)

< Previous Next >
Re: **maillist-work:: Re: [suse-security] perl script drop
  • From: Thomas Seliger <CRJLJAKTJORB@xxxxxxxxxxxxx>
  • Date: Mon, 12 May 2003 17:32:11 +0200
  • Message-id: <3EBFBE7B.3060205@xxxxxxxxxxxxx>
Hi folks,

Andre ten Bohmer (WU) wrote:

Shell scripts are also blocked, perl scripts indeed run.

Did you try to run them via source? Or cating it into bash?

I think the bottom line is that mounting noexec does not protect you from a dedicated hacker. But it may protect against stupid automated attacks and may buy you the time you need to dicover intrusion attempts.

If you really want to control what kind of files can be executed you'll have to use tools like LIDS or RSBAC.

baba,
Tom


--
this is a maillist account, so please
send personal replies to cso[at]trium[dot]de


< Previous Next >