Re: lug-bg: apache strange process
On , 2005-01-20 at 23:12 +0200, Nikola Antonov wrote: On Thursday 20 January 2005 19:54, Peter Georgiev wrote: . - php . , . . , -. ,, ... - /tmp noexec. , . /tmp . /dev/vg2/tmp on /tmp type reiserfs (rw,noexec,nosuid,nodev,noatime) , don't be afraid to be paranoid :) signature.asc Description: This is a digitally signed message part
Re: lug-bg: apache strange process
Vasil Kolev wrote: On , 2005-01-20 at 23:12 +0200, Nikola Antonov wrote: On Thursday 20 January 2005 19:54, Peter Georgiev wrote: . - php . , . . , -. ,, ... - /tmp noexec. , . /tmp . /dev/vg2/tmp on /tmp type reiserfs (rw,noexec,nosuid,nodev,noatime) , don't be afraid to be paranoid :) - nosuid,nodev noexec. , noexec perl python. 2.6 /lib/ld.so program . -- Georgi Chorbadzhiyski http://georgi.unixsol.org/ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: apache strange process
Georgi Chorbadzhiyski wrote: Vasil Kolev wrote: On , 2005-01-20 at 23:12 +0200, Nikola Antonov wrote: On Thursday 20 January 2005 19:54, Peter Georgiev wrote: . - php . , . . , -. ,, ... - /tmp noexec. , . /tmp . /dev/vg2/tmp on /tmp type reiserfs (rw,noexec,nosuid,nodev,noatime) , don't be afraid to be paranoid :) - nosuid,nodev noexec. , noexec perl python. 2.6 /lib/ld.so program . noexec : result from `mount`: /dev/hda3 on /web type reiserfs (rw,noexec,nosuid) hosting:/web# echo 'echo test' test.sh hosting:/web# chmod 755 test.sh hosting:/web# ./test.sh -su: ./test.sh: Permission denied hosting:/web# sh test.sh test hosting:/web# phpBB , . , A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: apache strange process
Milen Trifonov wrote: ps xauf : apache6635 0.0 0.2 1356 312 ?S02:26 0:00 ./xfs apache 15480 0.0 0.2 1352 308 ?S05:23 0:00 ./31338 /var/tmp. . ? . : ps xauwwwfe - 31338 xfs : strace -p 15480 // ... , . P.s. chkrootkit about :) , A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: apache strange process
Danail Petrov wrote: Georgi Chorbadzhiyski wrote: Vasil Kolev wrote: On , 2005-01-20 at 23:12 +0200, Nikola Antonov wrote: On Thursday 20 January 2005 19:54, Peter Georgiev wrote: . - php . , . . , -. ,, ... - /tmp noexec. , . /tmp . /dev/vg2/tmp on /tmp type reiserfs (rw,noexec,nosuid,nodev,noatime) , don't be afraid to be paranoid :) - nosuid,nodev noexec. , noexec perl python. 2.6 /lib/ld.so program . noexec : result from `mount`: /dev/hda3 on /web type reiserfs (rw,noexec,nosuid) hosting:/web# echo 'echo test' test.sh hosting:/web# chmod 755 test.sh hosting:/web# ./test.sh -su: ./test.sh: Permission denied hosting:/web# sh test.sh test hosting:/web# phpBB , . , A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html [EMAIL PROTECTED]:/srv$ mount | grep srv /dev/mapper/vg0-srv on /srv type reiserfs (rw,noexec,nosuid,nodev) [EMAIL PROTECTED]:/srv$ pwd /srv [EMAIL PROTECTED]:/srv$ ls uname www [EMAIL PROTECTED]:/srv$ ./uname -r bash: ./uname: Permission denied [EMAIL PROTECTED]:/srv$ /lib/ld-linux.so.2 ./uname -r ./uname: error while loading shared libraries: ./uname: failed to map segment from shared object: Operation not permitted [EMAIL PROTECTED]:/srv$ pomaga, zashto da ne pomaga noexec, samo che tvoq primer e sus shell script. ot man mount: noexec - Do not allow execution of any binaries on the mounted file system. pozdravi, Georgi Alexandrov P.S. nqmam vuzmojnost v momenta za kirilica :-) A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
lug-bg: apache strange process
ps xauf : apache6635 0.0 0.2 1356 312 ?S02:26 0:00 ./xfs apache 15480 0.0 0.2 1352 308 ?S05:23 0:00 ./31338 /var/tmp. . ? -- Milen Trifonov [EMAIL PROTECTED] A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: apache strange process
On Thu, 20 Jan 2005 19:21:51 +0200; Milen Trifonov wrote: ps xauf : apache6635 0.0 0.2 1356 312 ?S02:26 0:00 ./xfs apache 15480 0.0 0.2 1352 308 ?S05:23 0:00 ./31338 /var/tmp. . ? -- Milen Trifonov [EMAIL PROTECTED] . - php . , . . , -. ,, ... A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: apache strange process
On Thursday 20 January 2005 19:54, Peter Georgiev wrote: . - php . , . . , -. ,, ... - /tmp noexec. , . /tmp . -- Nikola ANTONOV, Sofia, Bulgaria 4 Dragan Tsankov blvd., 1000 Bulgarian National Radio -- http://linux-bg.org http://mirrors.logos-bg.net http://debianbookbg.org -- Public GnuPG key at http://wwwkeys.pgp.net http://ftp.logos-bg.net/pub/Linux-BG.org/GPG_Keys/ Fingerprint: AD64 2468 0AB4 B298 E7E3 92DA 15F5 7AC5 A05E 0F63 -- pgpJpPJtSK8df.pgp Description: PGP signature
