Mailinglist Archive: opensuse-security (50 mails)

< Previous Next >
Re: [suse-security] antivir updates not working anymore under 10.0? SOLVED!!
  • From: Bob Vickers <bobv@xxxxxxxxxxxxx>
  • Date: Thu, 25 May 2006 09:56:24 +0100 (BST)
  • Message-id: <Pine.LNX.4.61.0605250946310.30195@xxxxxxxxxxxxxxxxxxxxx>
On Wed, 24 May 2006, Arjen de Korte wrote:

>
> Being well known for years already, a Google search on for instance
> 'circumvent noexec' will give you plenty of pointers where to look. The
> basic idea behind the noexec flag may be nice, but there are so many
> loopholes around it, that the amount of applications that it breaks are
> really not worth all the trouble.
>

I think this is a little contentious. The important question is not
whether noexec *can* be circumvented, but whether it *is* circumvented by
a typical script-kiddie's exploit. If noexec stops some exploits working
then you have gained a valuable extra layer of security.

People's mileage will vary depending on what applications they run, you
shouldn't assume one size fits all.

Bob

< Previous Next >
Follow Ups