/tmp
Scott C. Ripley
scott-VK/PCEBaDz+N9aS15agKxg at public.gmane.org
Fri May 26 00:09:48 UTC 2006
hey all,
anyone get hassled by:
- some web app is able to write to /tmp as nobody
- able to run file as nobody user (say via perl) even with noexec on the
partition (because perl simply reads/executes the file in /tmp)
some googling suggests it's going around... with suggestions like:
- have separate /tmp partition (with noexec option on partition)
- disable certain PHP functions (via php.ini)
- (keep all your installed webapps patched/updated/etc.)
- etc.
still a pain though... if anybody has a sure fire way to fight this... let me
know?
thanks,
Scott
--
Scott C. Ripley Tel: 01.416.738.6357
Deucalion Technologies Fax: 01.416.201.8922
614A The Queensway http://www.scottripley.com
Etobicoke, ON, M8Y 1K1 mailto:scott at scottripley.com
CANADA
The content of this electronic mail transmission is confidential.
This transmission is intended solely for the use by the person(s) to
whom it was addressed. All other recipients are hereby notified that
any use, copying, dissemination, or disclosure of this information is
strictly prohibited.
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list