From owner-freebsd-security  Mon Nov 18 10:31:13 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id KAA03114
          for security-outgoing; Mon, 18 Nov 1996 10:31:13 -0800 (PST)
Received: from salsa.gv.ssi1.com (salsa.gv.ssi1.com [146.252.44.194])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id KAA03102;
          Mon, 18 Nov 1996 10:31:05 -0800 (PST)
Received: (from gdonl@localhost) by salsa.gv.ssi1.com (8.7.5/8.7.3) id KAA15909; Mon, 18 Nov 1996 10:30:55 -0800 (PST)
From: Don Lewis <Don.Lewis@tsc.tdk.com>
Message-Id: <199611181830.KAA15909@salsa.gv.ssi1.com>
Date: Mon, 18 Nov 1996 10:30:55 -0800
In-Reply-To: Mark Murray <mark@grondar.za>
       "Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)." (Nov 18,  8:17pm)
X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95)
To: Mark Murray <mark@grondar.za>
Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
Cc: chat@freebsd.org, security@freebsd.org
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Nov 18,  8:17pm, Mark Murray wrote:
} Subject: Re: BoS: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2).
} 
} Much easier is to put the users onto a volume that is mounted -noexec.
} This works for compiled binaries, not scripts.

Users, what users?  Oh, I'm definitely doing the -noexec thing on anything
that's writable, and -rdonly on anything that has executables.  Not
to mention nosuid and nodev as appropriate.

Since I'm removing most of the binaries, I'm not too worried about scripts,
even assuming they could get executed in spite of my other measures.  There's
only so much that you can do with cat and echo ;-)

			---  Truck