On Sun, Jul 13, 2003 at 11:55:45PM -0400, Matt Zimmerman wrote:
> If the user can read files in /tmp, they can execute the code in them. What
> problem is noexec /tmp supposed to solve?
In the event that the machine gets popped (depending on the vector of attack), it makes it that much more difficult for the intruder to run exploits on the machine, as it's possible that they cannot write to any directory but /tmp. (This is admittedly unlikely, as if they're exploiting a service, that service can most likely write SOMEWHERE, which allows for the execution of code; ignoring the fact that the attacker has likely already gained the ability to run arbitrary commands.)

It may seem like putting a pebble in front of a tank, but the only defense we have is a many-layered security policy.

-- 
bda
Cyberpunk is dead. Long live cyberpunk.
http://mirrorshades.org
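The two positions above (noexec stops direct execution; an interpreter still runs whatever it can read) can be checked on a live box. The script below is an added example written for this page, not code posted by either participant. It assumes a Linux host with /proc/mounts, GNU stat (for the mount-point lookup) and mktemp; the function names mount_exec_flag and probe_exec are made up here.

```shell
#!/bin/sh
# Added example (not from the original thread): show what a noexec mount does
# and does not stop. Assumes Linux with /proc/mounts, GNU stat and mktemp.

# Print "noexec" or "exec" for the filesystem holding DIR, from /proc/mounts.
# The last /proc/mounts entry for a mount point wins (handles overmounts).
mount_exec_flag() {
    dir=$1
    mp=$(stat -c %m "$dir" 2>/dev/null) || mp=/
    opts=$(awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }' /proc/mounts)
    case ",$opts," in
        *,noexec,*) echo noexec ;;
        *)          echo exec ;;
    esac
}

# Drop a tiny shell script into DIR and try to run it two ways.
# Prints "direct=<yes|no> via_sh=<yes|no>".
#   direct : execve() on the file itself, which noexec is meant to block
#   via_sh : the interpreter only read()s the file, so noexec does not apply;
#            this is the "if they can read it they can run it" case
probe_exec() {
    dir=$1
    f=$(mktemp "$dir/noexec-probe.XXXXXX") || return 1
    printf '#!/bin/sh\necho probe-ran\n' > "$f"
    chmod 0700 "$f"
    if "$f" >/dev/null 2>&1; then direct=yes; else direct=no; fi
    if sh "$f" >/dev/null 2>&1; then via_sh=yes; else via_sh=no; fi
    rm -f "$f"
    echo "direct=$direct via_sh=$via_sh"
}

# Usage: ./noexec-probe.sh [DIR ...]   (defaults to /tmp)
[ $# -gt 0 ] || set -- /tmp
for d; do
    echo "$d: mount=$(mount_exec_flag "$d") $(probe_exec "$d")"
done
```

On a host where /tmp is mounted noexec (for example a tmpfs line in /etc/fstab with defaults,noexec,nosuid,nodev) the output reads `mount=noexec direct=no via_sh=yes`; on a plain mount it reads `mount=exec direct=yes via_sh=yes`. Either way via_sh stays yes, which is exactly the layer-versus-bypass trade the thread is arguing about: noexec raises the bar for dropped binaries but does nothing against anything an interpreter will read.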