Re: Debian Stable server hacked

2003-08-14 Thread valerian
On Wed, Aug 13, 2003 at 07:08:59PM -0400, Colin Walters wrote: But Linux capabilities are so weak. They won't protect an apache master process that runs as root from scribbling over /etc/passwd and giving an attacker a new uid 0 shell account, for example. At that point it's really game

Re: Debian Stable server hacked

2003-08-14 Thread valerian
On Wed, Aug 13, 2003 at 04:02:41PM -0400, Colin Walters wrote: Why? Because SELinux doesn't solely associate security with executable pathnames. If someone takes over control of the apache process via a buffer overflow or whatever, they don't need /bin/ls to list a directory; they can just as

Re: Debian Stable server hacked

2003-08-13 Thread valerian
On Wed, Aug 13, 2003 at 04:02:41PM -0400, Colin Walters wrote: Why? Because SELinux doesn't solely associate security with executable pathnames. If someone takes over control of the apache process via a buffer overflow or whatever, they don't need /bin/ls to list a directory; they can just as

Re: Debian Stable server hacked

2003-08-13 Thread valerian
On Wed, Aug 13, 2003 at 07:08:59PM -0400, Colin Walters wrote: But Linux capabilities are so weak. They won't protect an apache master process that runs as root from scribbling over /etc/passwd and giving an attacker a new uid 0 shell account, for example. At that point it's really game

Re: Strongest linux

2003-07-01 Thread valerian
On Tue, Jul 01, 2003 at 02:36:37PM +0200, Javier Castillo Alcibar wrote: Hi all, I want to setup a new linux server in internet (apache, php, postfix, mysql, dns...), and I would like to patch the standard kernel with some security patches. but my question is, what patches are the best??

Re: Fwd: bugtraq.c httpd apache ssl attack

2002-09-14 Thread valerian
On Sat, Sep 14, 2002 at 12:56:00PM +0200, Wichert Akkerman wrote: One wonders why you would have gcc installed on a webserver.. Look at places like he.net... They offer full unix environment hosting services (including gcc).