Debian-Ubuntu weakness to filesystem corruption recovery
Sam Morris
sam at robots.org.uk
Sat Jun 3 14:06:01 BST 2006
On Thu, 01 Jun 2006 23:30:06 -0400, Manuel wrote:
>> Oh and /tmp should be on it's on partition, to mount it with "noexec".
>> many worms and backdoors in some wide spreaded web applications are
>> using this, and somehow it's accessible if it's not mounted with the
>> option "noexec"
>>
> Recently I've to go back and remove noexec. .deb's post-configurations fails
> because some of they create executable temporary scripts
Furthermore, when executing a script, the actual binary being executed is
in /usr/bin. Therefore you can easily create /tmp/evil.pl and then execute
'perl /tmp/evil.pl'.
--
Sam Morris
http://robots.org.uk/
PGP key id 5EA01078
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078
More information about the ubuntu-devel
mailing list