Re: Re[2]: Linux hardening

From: Daniel Margolis (dmargoli_at_seas.upenn.edu)
Date: 08/30/05

    Date: Mon, 29 Aug 2005 19:04:46 -0400
    To: Kir <kir_daemon@front.ru>
    
    

    On Aug 23, 2005, at 12:58 PM, Kir wrote:

    >> How did you modify your wget or curl not to download to /tmp
    >> and /var/tmp?
    >>
    >
    > It's simple, really: you can modify the source code of wget
    > to include string matching (strncmp(url, "/tmp", 4)) and
    > throwing an exception on a positive result. Then all you need to
    > do is recompile the code and replace the original wget with the new
    > one.
    >

    What do you mean? Curl prints to STDOUT. If someone manages to exec a
    shell, couldn't he just redirect the curl output to /tmp as he desires?

    Anyway, it seems to me it'd be more effective to make sure he cannot
    execute whatever it is he downloaded; the noexec flag and GRSec's TPE
    would probably both be useful for that.

    Or did I misunderstand you?

    Dan
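
The noexec suggestion above only helps if the filesystem that actually holds /tmp and /var/tmp carries the flag, and /var/tmp often has no mount of its own. The following is an added example, not part of the original message: it resolves each directory to its covering mount and checks the options. The function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example: does the filesystem that really holds a directory carry
# a given mount option (noexec, nosuid, nodev)?

# Constructed sample in /proc/mounts format (not from a real host):
# /tmp is its own noexec tmpfs; /var/tmp has no mount of its own.
sample_mounts() {
cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec,relatime 0 0
/dev/sda2 /var ext4 rw,nodev,relatime 0 0
tmpfs /tmpfiles tmpfs rw,relatime 0 0
EOF
}

# Table to audit. To check a live host: MOUNTS=$(cat /proc/mounts)
MOUNTS=${MOUNTS:-$(sample_mounts)}

# covering_mount DIR: print "mountpoint options" for the longest mount
# point that is a path prefix of DIR. Later entries win ties because a
# later mount on the same point shadows the earlier one.
covering_mount() {
    printf '%s\n' "$MOUNTS" | awk -v dir="$1" '
    {
        mp = $2
        # Compare whole path components so /tmp does not cover /tmpfiles.
        if (mp == "/" || dir == mp || index(dir, mp "/") == 1) {
            if (length(mp) >= length(best)) { best = mp; opts = $4 }
        }
    }
    END { if (best != "") print best, opts }'
}

# has_mount_opt DIR OPT: exit status 0 if OPT is set on DIR's filesystem.
has_mount_opt() {
    opts=$(covering_mount "$1" | awk '{ print $2 }')
    case ",$opts," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

for d in /tmp /var/tmp; do
    if has_mount_opt "$d" noexec; then
        echo "$d: noexec set ($(covering_mount "$d"))"
    else
        echo "$d: noexec MISSING ($(covering_mount "$d"))"
    fi
done
```

On the constructed table, /tmp passes while /var/tmp resolves to the /var filesystem and is reported as missing noexec.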

